SUSE-SU-2026:20149-1
Vulnerability from csaf_suse - Published: 2026-01-26 11:24 - Updated: 2026-01-26 11:24
Summary
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Description of the patch
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues.
The following security issues were fixed:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).
- CVE-2025-38554: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (bsc#1248301).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).
The following non security issues were fixed:
- Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270).
- powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs (bsc#1251956).
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
Patchnames
SUSE-SLES-16.0-196
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).\n- CVE-2025-38554: mm: fix a UAF when vma-\u003emm is freed after vma-\u003evm_refcnt got dropped (bsc#1248301).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).\n- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207).\n- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).\n\nThe following non security issues were fixed:\n\n- Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270).\n- powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs (bsc#1251956).\n- fix addr_bit_set() issue on big-endian machines (bsc#1256928).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-196",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20149-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20149-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620149-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20149-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023950.html"
},
{
"category": "self",
"summary": "SUSE Bug 1246019",
"url": "https://bugzilla.suse.com/1246019"
},
{
"category": "self",
"summary": "SUSE Bug 1248301",
"url": "https://bugzilla.suse.com/1248301"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248631",
"url": "https://bugzilla.suse.com/1248631"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1248672",
"url": "https://bugzilla.suse.com/1248672"
},
{
"category": "self",
"summary": "SUSE Bug 1249207",
"url": "https://bugzilla.suse.com/1249207"
},
{
"category": "self",
"summary": "SUSE Bug 1249208",
"url": "https://bugzilla.suse.com/1249208"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1249537",
"url": "https://bugzilla.suse.com/1249537"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251956",
"url": "https://bugzilla.suse.com/1251956"
},
{
"category": "self",
"summary": "SUSE Bug 1251982",
"url": "https://bugzilla.suse.com/1251982"
},
{
"category": "self",
"summary": "SUSE Bug 1252270",
"url": "https://bugzilla.suse.com/1252270"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE Bug 1254196",
"url": "https://bugzilla.suse.com/1254196"
},
{
"category": "self",
"summary": "SUSE Bug 1256928",
"url": "https://bugzilla.suse.com/1256928"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53164 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38554 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38664 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40212 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40212/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-01-26T11:24:31Z",
"generator": {
"date": "2026-01-26T11:24:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20149-1",
"initial_release_date": "2026-01-26T11:24:31Z",
"revision_history": [
{
"date": "2026-01-26T11:24:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53164"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ordering of qlen adjustment\n\nChanges to sch-\u003eq.qlen around qdisc_tree_reduce_backlog() need to happen\n_before_ a call to said function because otherwise it may fail to notify\nparent qdiscs when the child is about to become empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53164",
"url": "https://www.suse.com/security/cve/CVE-2024-53164"
},
{
"category": "external",
"summary": "SUSE Bug 1234863 for CVE-2024-53164",
"url": "https://bugzilla.suse.com/1234863"
},
{
"category": "external",
"summary": "SUSE Bug 1246019 for CVE-2024-53164",
"url": "https://bugzilla.suse.com/1246019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2024-53164"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38554"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: fix a UAF when vma-\u003emm is freed after vma-\u003evm_refcnt got dropped\n\nBy inducing delays in the right places, Jann Horn created a reproducer for\na hard to hit UAF issue that became possible after VMAs were allowed to be\nrecycled by adding SLAB_TYPESAFE_BY_RCU to their cache.\n\nRace description is borrowed from Jann\u0027s discovery report:\nlock_vma_under_rcu() looks up a VMA locklessly with mas_walk() under\nrcu_read_lock(). At that point, the VMA may be concurrently freed, and it\ncan be recycled by another process. vma_start_read() then increments the\nvma-\u003evm_refcnt (if it is in an acceptable range), and if this succeeds,\nvma_start_read() can return a recycled VMA.\n\nIn this scenario where the VMA has been recycled, lock_vma_under_rcu()\nwill then detect the mismatching -\u003evm_mm pointer and drop the VMA through\nvma_end_read(), which calls vma_refcount_put(). vma_refcount_put() drops\nthe refcount and then calls rcuwait_wake_up() using a copy of vma-\u003evm_mm. \nThis is wrong: It implicitly assumes that the caller is keeping the VMA\u0027s\nmm alive, but in this scenario the caller has no relation to the VMA\u0027s mm,\nso the rcuwait_wake_up() can cause UAF.\n\nThe diagram depicting the race:\nT1 T2 T3\n== == ==\nlock_vma_under_rcu\n mas_walk\n \u003cVMA gets removed from mm\u003e\n mmap\n \u003cthe same VMA is reallocated\u003e\n vma_start_read\n __refcount_inc_not_zero_limited_acquire\n munmap\n __vma_enter_locked\n refcount_add_not_zero\n vma_end_read\n vma_refcount_put\n __refcount_dec_and_test\n rcuwait_wait_event\n \u003cfinish operation\u003e\n rcuwait_wake_up [UAF]\n\nNote that rcuwait_wait_event() in T3 does not block because refcount was\nalready dropped by T1. At this point T3 can exit and free the mm causing\nUAF in T1.\n\nTo avoid this we move vma-\u003evm_mm verification into vma_start_read() and\ngrab vma-\u003evm_mm to stabilize it before vma_refcount_put() operation.\n\n[surenb@google.com: v3]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38554",
"url": "https://www.suse.com/security/cve/CVE-2025-38554"
},
{
"category": "external",
"summary": "SUSE Bug 1248299 for CVE-2025-38554",
"url": "https://bugzilla.suse.com/1248299"
},
{
"category": "external",
"summary": "SUSE Bug 1248301 for CVE-2025-38554",
"url": "https://bugzilla.suse.com/1248301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38554"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix a null pointer dereference in ice_copy_and_init_pkg()\n\nAdd check for the return value of devm_kmemdup()\nto prevent potential null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38664",
"url": "https://www.suse.com/security/cve/CVE-2025-38664"
},
{
"category": "external",
"summary": "SUSE Bug 1248628 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "external",
"summary": "SUSE Bug 1248631 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-38664"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-39963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix incorrect io_kiocb reference in io_link_skb\n\nIn io_link_skb function, there is a bug where prev_notif is incorrectly\nassigned using \u0027nd\u0027 instead of \u0027prev_nd\u0027. This causes the context\nvalidation check to compare the current notification with itself instead\nof comparing it with the previous notification.\n\nFix by using the correct prev_nd parameter when obtaining prev_notif.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39963",
"url": "https://www.suse.com/security/cve/CVE-2025-39963"
},
{
"category": "external",
"summary": "SUSE Bug 1251819 for CVE-2025-39963",
"url": "https://bugzilla.suse.com/1251819"
},
{
"category": "external",
"summary": "SUSE Bug 1251982 for CVE-2025-39963",
"url": "https://bugzilla.suse.com/1251982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-39963"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
},
{
"cve": "CVE-2025-40212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix refcount leak in nfsd_set_fh_dentry()\n\nnfsd exports a \"pseudo root filesystem\" which is used by NFSv4 to find\nthe various exported filesystems using LOOKUP requests from a known root\nfilehandle. NFSv3 uses the MOUNT protocol to find those exported\nfilesystems and so is not given access to the pseudo root filesystem.\n\nIf a v3 (or v2) client uses a filehandle from that filesystem,\nnfsd_set_fh_dentry() will report an error, but still stores the export\nin \"struct svc_fh\" even though it also drops the reference (exp_put()).\nThis means that when fh_put() is called an extra reference will be dropped\nwhich can lead to use-after-free and possible denial of service.\n\nNormal NFS usage will not provide a pseudo-root filehandle to a v3\nclient. This bug can only be triggered by the client synthesising an\nincorrect filehandle.\n\nTo fix this we move the assignments to the svc_fh later, after all\npossible error cases have been detected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40212",
"url": "https://www.suse.com/security/cve/CVE-2025-40212"
},
{
"category": "external",
"summary": "SUSE Bug 1254195 for CVE-2025-40212",
"url": "https://bugzilla.suse.com/1254195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-5-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-26T11:24:31Z",
"details": "important"
}
],
"title": "CVE-2025-40212"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.