Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02849-1 Final 1 1 2025-08-18T15:57:04Z current 2025-08-18T15:57:04Z 2025-08-18T15:57:04Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). - CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104). - CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). - CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780). - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). - CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185). - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). - CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). - CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000). - CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). - CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). - CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). - CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186). - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). - CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437). - CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314). - CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). The following non-security bugs were fixed: - Revert 'hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).' - Revert 'mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race' - Revert 'mm/hugetlb: unshare page tables during VMA split, not before' The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/sle-micro-rancher/5.3:latest-2025-2849,Container suse/sle-micro-rancher/5.4:latest-2025-2849,SUSE-2025-2849,SUSE-SLE-Micro-5.3-2025-2849,SUSE-SLE-Micro-5.4-2025-2849,SUSE-SLE-Module-Live-Patching-15-SP4-2025-2849,SUSE-SLE-Product-HA-15-SP4-2025-2849,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2849,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2849,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2849,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2849,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2849,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2849 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ Link for SUSE-SU-2025:02849-1 https://lists.suse.com/pipermail/sle-updates/2025-August/041259.html E-Mail link for SUSE-SU-2025:02849-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1206051 SUSE Bug 1206051 https://bugzilla.suse.com/1221829 SUSE Bug 1221829 https://bugzilla.suse.com/1229334 SUSE Bug 1229334 https://bugzilla.suse.com/1234863 SUSE Bug 1234863 https://bugzilla.suse.com/1236104 SUSE Bug 1236104 https://bugzilla.suse.com/1236333 SUSE Bug 1236333 https://bugzilla.suse.com/1238160 SUSE Bug 1238160 https://bugzilla.suse.com/1239644 SUSE Bug 1239644 https://bugzilla.suse.com/1240185 SUSE Bug 1240185 https://bugzilla.suse.com/1240799 SUSE Bug 1240799 https://bugzilla.suse.com/1242414 SUSE Bug 1242414 https://bugzilla.suse.com/1242780 SUSE Bug 1242780 https://bugzilla.suse.com/1244309 SUSE Bug 1244309 https://bugzilla.suse.com/1245217 SUSE Bug 1245217 https://bugzilla.suse.com/1245431 SUSE Bug 1245431 https://bugzilla.suse.com/1245506 SUSE Bug 1245506 https://bugzilla.suse.com/1245711 SUSE Bug 1245711 https://bugzilla.suse.com/1245986 SUSE Bug 1245986 https://bugzilla.suse.com/1246000 SUSE Bug 1246000 https://bugzilla.suse.com/1246029 SUSE Bug 1246029 https://bugzilla.suse.com/1246037 SUSE Bug 1246037 https://bugzilla.suse.com/1246045 SUSE Bug 1246045 https://bugzilla.suse.com/1246073 SUSE Bug 1246073 https://bugzilla.suse.com/1246186 SUSE Bug 1246186 https://bugzilla.suse.com/1246781 SUSE Bug 1246781 https://bugzilla.suse.com/1247314 SUSE Bug 1247314 https://bugzilla.suse.com/1247347 SUSE Bug 1247347 https://bugzilla.suse.com/1247348 SUSE Bug 1247348 https://bugzilla.suse.com/1247349 SUSE Bug 1247349 https://bugzilla.suse.com/1247437 SUSE Bug 1247437 https://www.suse.com/security/cve/CVE-2022-49138/ SUSE CVE CVE-2022-49138 page https://www.suse.com/security/cve/CVE-2022-49770/ SUSE CVE CVE-2022-49770 page https://www.suse.com/security/cve/CVE-2023-52923/ SUSE CVE CVE-2023-52923 page https://www.suse.com/security/cve/CVE-2023-52927/ SUSE CVE CVE-2023-52927 page https://www.suse.com/security/cve/CVE-2023-53117/ SUSE CVE CVE-2023-53117 page https://www.suse.com/security/cve/CVE-2024-26643/ SUSE CVE CVE-2024-26643 page https://www.suse.com/security/cve/CVE-2024-42265/ SUSE CVE CVE-2024-42265 page https://www.suse.com/security/cve/CVE-2024-53164/ SUSE CVE CVE-2024-53164 page https://www.suse.com/security/cve/CVE-2024-57947/ SUSE CVE CVE-2024-57947 page https://www.suse.com/security/cve/CVE-2025-21881/ SUSE CVE CVE-2025-21881 page https://www.suse.com/security/cve/CVE-2025-21971/ SUSE CVE CVE-2025-21971 page https://www.suse.com/security/cve/CVE-2025-37798/ SUSE CVE CVE-2025-37798 page https://www.suse.com/security/cve/CVE-2025-38079/ SUSE CVE CVE-2025-38079 page https://www.suse.com/security/cve/CVE-2025-38088/ SUSE CVE CVE-2025-38088 page https://www.suse.com/security/cve/CVE-2025-38120/ SUSE CVE CVE-2025-38120 page https://www.suse.com/security/cve/CVE-2025-38177/ SUSE CVE CVE-2025-38177 page https://www.suse.com/security/cve/CVE-2025-38181/ SUSE CVE CVE-2025-38181 page https://www.suse.com/security/cve/CVE-2025-38200/ SUSE CVE CVE-2025-38200 page https://www.suse.com/security/cve/CVE-2025-38206/ SUSE CVE CVE-2025-38206 page https://www.suse.com/security/cve/CVE-2025-38212/ SUSE CVE CVE-2025-38212 page https://www.suse.com/security/cve/CVE-2025-38213/ SUSE CVE CVE-2025-38213 page https://www.suse.com/security/cve/CVE-2025-38257/ SUSE CVE CVE-2025-38257 page https://www.suse.com/security/cve/CVE-2025-38350/ SUSE CVE CVE-2025-38350 page https://www.suse.com/security/cve/CVE-2025-38468/ SUSE CVE CVE-2025-38468 page https://www.suse.com/security/cve/CVE-2025-38477/ SUSE CVE CVE-2025-38477 page https://www.suse.com/security/cve/CVE-2025-38494/ SUSE CVE CVE-2025-38494 page https://www.suse.com/security/cve/CVE-2025-38495/ SUSE CVE CVE-2025-38495 page https://www.suse.com/security/cve/CVE-2025-38497/ SUSE CVE CVE-2025-38497 page Container suse/sle-micro-rancher/5.3:latest Container suse/sle-micro-rancher/5.4:latest SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Live Patching 15 SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy LTS 4.3 SUSE Manager Server LTS 4.3 kernel-default-5.14.21-150400.24.173.1 cluster-md-kmp-64kb-5.14.21-150400.24.173.1 cluster-md-kmp-default-5.14.21-150400.24.173.1 dlm-kmp-64kb-5.14.21-150400.24.173.1 dlm-kmp-default-5.14.21-150400.24.173.1 dtb-allwinner-5.14.21-150400.24.173.1 dtb-altera-5.14.21-150400.24.173.1 dtb-amazon-5.14.21-150400.24.173.1 dtb-amd-5.14.21-150400.24.173.1 dtb-amlogic-5.14.21-150400.24.173.1 dtb-apm-5.14.21-150400.24.173.1 dtb-apple-5.14.21-150400.24.173.1 dtb-arm-5.14.21-150400.24.173.1 dtb-broadcom-5.14.21-150400.24.173.1 dtb-cavium-5.14.21-150400.24.173.1 dtb-exynos-5.14.21-150400.24.173.1 dtb-freescale-5.14.21-150400.24.173.1 dtb-hisilicon-5.14.21-150400.24.173.1 dtb-lg-5.14.21-150400.24.173.1 dtb-marvell-5.14.21-150400.24.173.1 dtb-mediatek-5.14.21-150400.24.173.1 dtb-nvidia-5.14.21-150400.24.173.1 dtb-qcom-5.14.21-150400.24.173.1 dtb-renesas-5.14.21-150400.24.173.1 dtb-rockchip-5.14.21-150400.24.173.1 dtb-socionext-5.14.21-150400.24.173.1 dtb-sprd-5.14.21-150400.24.173.1 dtb-xilinx-5.14.21-150400.24.173.1 gfs2-kmp-64kb-5.14.21-150400.24.173.1 gfs2-kmp-default-5.14.21-150400.24.173.1 kernel-64kb-5.14.21-150400.24.173.1 kernel-64kb-devel-5.14.21-150400.24.173.1 kernel-64kb-extra-5.14.21-150400.24.173.1 kernel-64kb-optional-5.14.21-150400.24.173.1 kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 kernel-default-base-rebuild-5.14.21-150400.24.173.1.150400.24.88.1 kernel-default-devel-5.14.21-150400.24.173.1 kernel-default-extra-5.14.21-150400.24.173.1 kernel-default-livepatch-5.14.21-150400.24.173.1 kernel-default-livepatch-devel-5.14.21-150400.24.173.1 kernel-default-optional-5.14.21-150400.24.173.1 kernel-devel-5.14.21-150400.24.173.1 kernel-docs-5.14.21-150400.24.173.1 kernel-docs-html-5.14.21-150400.24.173.1 kernel-kvmsmall-5.14.21-150400.24.173.1 kernel-kvmsmall-devel-5.14.21-150400.24.173.1 kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 kernel-macros-5.14.21-150400.24.173.1 kernel-obs-build-5.14.21-150400.24.173.1 kernel-obs-qa-5.14.21-150400.24.173.1 kernel-source-5.14.21-150400.24.173.1 kernel-source-vanilla-5.14.21-150400.24.173.1 kernel-syms-5.14.21-150400.24.173.1 kernel-zfcpdump-5.14.21-150400.24.173.1 kselftests-kmp-64kb-5.14.21-150400.24.173.1 kselftests-kmp-default-5.14.21-150400.24.173.1 ocfs2-kmp-64kb-5.14.21-150400.24.173.1 ocfs2-kmp-default-5.14.21-150400.24.173.1 reiserfs-kmp-64kb-5.14.21-150400.24.173.1 reiserfs-kmp-default-5.14.21-150400.24.173.1 kernel-default-5.14.21-150400.24.173.1 as a component of Container suse/sle-micro-rancher/5.3:latest kernel-default-5.14.21-150400.24.173.1 as a component of Container suse/sle-micro-rancher/5.4:latest cluster-md-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 dlm-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 gfs2-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 ocfs2-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 kernel-64kb-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-64kb-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-default-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-docs-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-macros-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-obs-build-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-source-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-syms-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS reiserfs-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kernel-64kb-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-64kb-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-default-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-docs-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-macros-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-obs-build-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-source-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-syms-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS reiserfs-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kernel-default-livepatch-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Live Patching 15 SP4 kernel-default-livepatch-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Live Patching 15 SP4 kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 as a component of SUSE Linux Enterprise Live Patching 15 SP4 kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Micro 5.3 kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Linux Enterprise Micro 5.3 kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Micro 5.4 kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Linux Enterprise Micro 5.4 kernel-64kb-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-64kb-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-default-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-docs-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-macros-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-obs-build-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-source-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-syms-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-zfcpdump-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS reiserfs-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-default-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-devel-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-docs-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-macros-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-obs-build-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-source-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-syms-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 reiserfs-kmp-default-5.14.21-150400.24.173.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Manager Proxy LTS 4.3 kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Manager Proxy LTS 4.3 kernel-default-devel-5.14.21-150400.24.173.1 as a component of SUSE Manager Proxy LTS 4.3 kernel-devel-5.14.21-150400.24.173.1 as a component of SUSE Manager Proxy LTS 4.3 kernel-macros-5.14.21-150400.24.173.1 as a component of SUSE Manager Proxy LTS 4.3 kernel-source-5.14.21-150400.24.173.1 as a component of SUSE Manager Proxy LTS 4.3 kernel-syms-5.14.21-150400.24.173.1 as a component of SUSE Manager Proxy LTS 4.3 kernel-default-5.14.21-150400.24.173.1 as a component of SUSE Manager Server LTS 4.3 kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 as a component of SUSE Manager Server LTS 4.3 kernel-default-devel-5.14.21-150400.24.173.1 as a component of SUSE Manager Server LTS 4.3 kernel-devel-5.14.21-150400.24.173.1 as a component of SUSE Manager Server LTS 4.3 kernel-macros-5.14.21-150400.24.173.1 as a component of SUSE Manager Server LTS 4.3 kernel-source-5.14.21-150400.24.173.1 as a component of SUSE Manager Server LTS 4.3 kernel-syms-5.14.21-150400.24.173.1 as a component of SUSE Manager Server LTS 4.3 kernel-zfcpdump-5.14.21-150400.24.173.1 as a component of SUSE Manager Server LTS 4.3 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Ignore multiple conn complete events When one of the three connection complete events is received multiple times for the same handle, the device is registered multiple times which leads to memory corruptions. Therefore, consequent events for a single connection are ignored. The conn->state can hold different values, therefore HCI_CONN_HANDLE_UNSET is introduced to identify new connections. To make sure the events do not contain this or another invalid handle HCI_CONN_HANDLE_MAX and checks are introduced. Buglink: https://bugzilla.kernel.org/show_bug.cgi?id=215497 CVE-2022-49138 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2022-49138.html CVE-2022-49138 https://bugzilla.suse.com/1238160 SUSE Bug 1238160 In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'first_realm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and could cause random use-after-free, BUG_ON, etc issues. CVE-2022-49770 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2022-49770.html CVE-2022-49770 https://bugzilla.suse.com/1242597 SUSE Bug 1242597 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instead the _DEAD bit is set on so the set element is not visible from lookup path anymore. Async GC enqueues transaction work that might be aborted and retried later. rbtree and pipapo set backends does not set on the _DEAD bit from the sync GC path since this runs in control plane path where mutex is held. In this case, set elements are deactivated, removed and then released via RCU callback, sync GC never fails. CVE-2023-52923 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2023-52923.html CVE-2023-52923 https://bugzilla.suse.com/1236104 SUSE Bug 1236104 In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the created ct will not be confirmed, like in OVS and TC conntrack in the following patches. This patch allows exp not to be removed by setting IPS_CONFIRMED in the status of the tmpl. CVE-2023-52927 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2023-52927.html CVE-2023-52927 https://bugzilla.suse.com/1239644 SUSE Bug 1239644 https://bugzilla.suse.com/1246016 SUSE Bug 1246016 In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369 CVE-2023-53117 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2023-53117.html CVE-2023-53117 https://bugzilla.suse.com/1242780 SUSE Bug 1242780 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported this issue in a different path in 6.1.x with a pipapo set with low timeouts which is not possible upstream since 7395dfacfff6 ("netfilter: nf_tables: use timestamp to check for set element timeout"). Fix this by setting on the dead flag for anonymous sets to skip async gc in this case. According to 08e4c8c5919f ("netfilter: nf_tables: mark newset as dead on transaction abort"), Florian plans to accelerate abort path by releasing objects via workqueue, therefore, this sets on the dead flag for abort path too. CVE-2024-26643 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2024-26643.html CVE-2024-26643 https://bugzilla.suse.com/1221829 SUSE Bug 1221829 In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That's wrong for the same reasons why it's wrong in close_fd()/file_close_fd_locked(); the same solution applies - array_index_nospec(fd, fdt->max_fds) could differ from fd only in case of speculative execution on mispredicted path. CVE-2024-42265 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2024-42265.html CVE-2024-42265 https://bugzilla.suse.com/1229334 SUSE Bug 1229334 In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty. CVE-2024-53164 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2024-53164.html CVE-2024-53164 https://bugzilla.suse.com/1234863 SUSE Bug 1234863 https://bugzilla.suse.com/1246019 SUSE Bug 1246019 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result and the fill map are swapped, so if we have a set where f->bsize of the first element is smaller than m->bsize_max, those one-bits are leaked into future rounds result map. This makes pipapo find an incorrect matching results for sets where first field size is not the largest. Followup patch adds a test case to nft_concat_range.sh selftest script. Thanks to Stefano Brivio for pointing out that we need to zero out the remainder explicitly, only correcting memset() argument isn't enough. CVE-2024-57947 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2024-57947.html CVE-2024-57947 https://bugzilla.suse.com/1236333 SUSE Bug 1236333 https://bugzilla.suse.com/1245799 SUSE Bug 1245799 In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobe_write_opcode() We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3 flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff) raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000 raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x32/0x50 bad_page+0x69/0xf0 free_unref_page_prepare+0x401/0x500 free_unref_page+0x6d/0x1b0 uprobe_write_opcode+0x460/0x8e0 install_breakpoint.part.0+0x51/0x80 register_for_each_vma+0x1d9/0x2b0 __uprobe_register+0x245/0x300 bpf_uprobe_multi_link_attach+0x29b/0x4f0 link_create+0x1e2/0x280 __sys_bpf+0x75f/0xac0 __x64_sys_bpf+0x1a/0x30 do_syscall_64+0x56/0x100 entry_SYSCALL_64_after_hwframe+0x78/0xe2 BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1 The following syzkaller test case can be used to reproduce: r2 = creat(&(0x7f0000000000)='./file0\x00', 0x8) write$nbd(r2, &(0x7f0000000580)=ANY=[], 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0) r5 = userfaultfd(0x80801) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x20}) r6 = userfaultfd(0x80801) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2}) ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}}) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x2, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000120000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40) The cause is that zero pfn is set to the PTE without increasing the RSS count in mfill_atomic_pte_zeropage() and the refcount of zero folio does not increase accordingly. Then, the operation on the same pfn is performed in uprobe_write_opcode()->__replace_page() to unconditional decrease the RSS count and old_folio's refcount. Therefore, two bugs are introduced: 1. The RSS count is incorrect, when process exit, the check_mm() report error "Bad rss-count". 2. The reserved folio (zero folio) is freed when folio->refcount is zero, then free_pages_prepare->free_page_is_bad() report error "Bad page state". There is more, the following warning could also theoretically be triggered: __replace_page() -> ... -> folio_remove_rmap_pte() -> VM_WARN_ON_FOLIO(is_zero_folio(folio), folio) Considering that uprobe hit on the zero folio is a very rare case, just reject zero old folio immediately after get_user_page_vma_remote(). [ mingo: Cleaned up the changelog ] CVE-2025-21881 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-21881.html CVE-2025-21881 https://bugzilla.suse.com/1240185 SUSE Bug 1240185 In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created with classid TC_H_ROOT, the traversal terminates prematurely at this class instead of reaching the actual root qdisc, causing parent statistics to be incorrectly maintained. In case of DRR, this could lead to a crash as reported by Mingi Cho. Prevent the creation of any Qdisc class with classid TC_H_ROOT (0xFFFFFFFF) across all qdisc types, as suggested by Jamal. CVE-2025-21971 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-21971.html CVE-2025-21971 https://bugzilla.suse.com/1240799 SUSE Bug 1240799 https://bugzilla.suse.com/1245794 SUSE Bug 1245794 In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue(). CVE-2025-37798 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-37798.html CVE-2025-37798 https://bugzilla.suse.com/1242414 SUSE Bug 1242414 https://bugzilla.suse.com/1242417 SUSE Bug 1242417 In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_release, leading to slab-use-after-free error. CVE-2025-38079 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38079.html CVE-2025-38079 https://bugzilla.suse.com/1245217 SUSE Bug 1245217 https://bugzilla.suse.com/1245218 SUSE Bug 1245218 In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size. CVE-2025-38088 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38088.html CVE-2025-38088 https://bugzilla.suse.com/1245506 SUSE Bug 1245506 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and did only fix up the generic C implementation. A followup patch adds a test case to nft_concat_range.sh. CVE-2025-38120 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38120.html CVE-2025-38120 https://bugzilla.suse.com/1245711 SUSE Bug 1245711 In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe. CVE-2025-38177 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38177.html CVE-2025-38177 https://bugzilla.suse.com/1245986 SUSE Bug 1245986 https://bugzilla.suse.com/1246356 SUSE Bug 1246356 In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_full_sk() in calipso_req_setattr(). Since commit a1a5344ddbe8 ("tcp: avoid two atomic ops for syncookies"), reqsk->rsk_listener could be NULL when SYN Cookie is returned to its client, as hinted by the leading SYN Cookie log. Here are 3 options to fix the bug: 1) Return 0 in calipso_req_setattr() 2) Return an error in calipso_req_setattr() 3) Alaways set rsk_listener 1) is no go as it bypasses LSM, but 2) effectively disables SYN Cookie for CALIPSO. 3) is also no go as there have been many efforts to reduce atomic ops and make TCP robust against DDoS. See also commit 3b24d854cb35 ("tcp/dccp: do not touch listener sk_refcnt under synflood"). As of the blamed commit, SYN Cookie already did not need refcounting, and no one has stumbled on the bug for 9 years, so no CALIPSO user will care about SYN Cookie. Let's return an error in calipso_req_setattr() and calipso_req_delattr() in the SYN Cookie case. This can be reproduced by [1] on Fedora and now connect() of nc times out. [0]: TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] CPU: 3 UID: 0 PID: 12262 Comm: syz.1.2611 Not tainted 6.14.0 #2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 RIP: 0010:read_pnet include/net/net_namespace.h:406 [inline] RIP: 0010:sock_net include/net/sock.h:655 [inline] RIP: 0010:sock_kmalloc+0x35/0x170 net/core/sock.c:2806 Code: 89 d5 41 54 55 89 f5 53 48 89 fb e8 25 e3 c6 fd e8 f0 91 e3 00 48 8d 7b 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 26 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b RSP: 0018:ffff88811af89038 EFLAGS: 00010216 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888105266400 RDX: 0000000000000006 RSI: ffff88800c890000 RDI: 0000000000000030 RBP: 0000000000000050 R08: 0000000000000000 R09: ffff88810526640e R10: ffffed1020a4cc81 R11: ffff88810526640f R12: 0000000000000000 R13: 0000000000000820 R14: ffff888105266400 R15: 0000000000000050 FS: 00007f0653a07640(0000) GS:ffff88811af80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f863ba096f4 CR3: 00000000163c0005 CR4: 0000000000770ef0 PKRU: 80000000 Call Trace: <IRQ> ipv6_renew_options+0x279/0x950 net/ipv6/exthdrs.c:1288 calipso_req_setattr+0x181/0x340 net/ipv6/calipso.c:1204 calipso_req_setattr+0x56/0x80 net/netlabel/netlabel_calipso.c:597 netlbl_req_setattr+0x18a/0x440 net/netlabel/netlabel_kapi.c:1249 selinux_netlbl_inet_conn_request+0x1fb/0x320 security/selinux/netlabel.c:342 selinux_inet_conn_request+0x1eb/0x2c0 security/selinux/hooks.c:5551 security_inet_conn_request+0x50/0xa0 security/security.c:4945 tcp_v6_route_req+0x22c/0x550 net/ipv6/tcp_ipv6.c:825 tcp_conn_request+0xec8/0x2b70 net/ipv4/tcp_input.c:7275 tcp_v6_conn_request+0x1e3/0x440 net/ipv6/tcp_ipv6.c:1328 tcp_rcv_state_process+0xafa/0x52b0 net/ipv4/tcp_input.c:6781 tcp_v6_do_rcv+0x8a6/0x1a40 net/ipv6/tcp_ipv6.c:1667 tcp_v6_rcv+0x505e/0x5b50 net/ipv6/tcp_ipv6.c:1904 ip6_protocol_deliver_rcu+0x17c/0x1da0 net/ipv6/ip6_input.c:436 ip6_input_finish+0x103/0x180 net/ipv6/ip6_input.c:480 NF_HOOK include/linux/netfilter.h:314 [inline] NF_HOOK include/linux/netfilter.h:308 [inline] ip6_input+0x13c/0x6b0 net/ipv6/ip6_input.c:491 dst_input include/net/dst.h:469 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline] ip6_rcv_finish+0xb6/0x490 net/ipv6/ip6_input.c:69 NF_HOOK include/linux/netfilter.h:314 [inline] NF_HOOK include/linux/netf ---truncated--- CVE-2025-38181 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38181.html CVE-2025-38181 https://bugzilla.suse.com/1246000 SUSE Bug 1246000 https://bugzilla.suse.com/1246001 SUSE Bug 1246001 In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer underflow by changing the type of related variables. CVE-2025-38200 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38200.html CVE-2025-38200 https://bugzilla.suse.com/1246045 SUSE Bug 1246045 https://bugzilla.suse.com/1246046 SUSE Bug 1246046 In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : free ->vol_utbl exfat_load_default_upcase_table : return error exfat_kill_sb() delayed_free() exfat_free_upcase_table() <--------- double free This patch set ->vol_util as NULL after freeing it. CVE-2025-38206 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38206.html CVE-2025-38206 https://bugzilla.suse.com/1246073 SUSE Bug 1246073 https://bugzilla.suse.com/1246075 SUSE Bug 1246075 In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() is protected by rwsem, but this is not enough. If it is not protected by RCU read-critical region, when idr_for_each() calls radix_tree_node_free() through call_rcu() to free the radix_tree_node structure, the node will be freed immediately, and when reading the next node in radix_tree_for_each_slot(), the already freed memory may be read. Therefore, we need to add code to make sure that idr_for_each() is protected within the RCU read-critical region when we call it in shm_destroy_orphaned(). CVE-2025-38212 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38212.html CVE-2025-38212 https://bugzilla.suse.com/1246029 SUSE Bug 1246029 https://bugzilla.suse.com/1246030 SUSE Bug 1246030 This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. CVE-2025-38213 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38213.html CVE-2025-38213 https://bugzilla.suse.com/1246037 SUSE Bug 1246037 https://bugzilla.suse.com/1246039 SUSE Bug 1246039 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdup_user() Number of apqn target list entries contained in 'nr_apqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size passed to memdup_user() may overflow. In this case the actual size of the allocated area and the value describing it won't be in sync leading to various types of unpredictable behaviour later. Use a proper memdup_array_user() helper which returns an error if an overflow is detected. Note that it is different from when nr_apqns is initially zero - that case is considered valid and should be handled in subsequent pkey_handler implementations. Found by Linux Verification Center (linuxtesting.org). CVE-2025-38257 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38257.html CVE-2025-38257 https://bugzilla.suse.com/1246186 SUSE Bug 1246186 https://bugzilla.suse.com/1246189 SUSE Bug 1246189 In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight class passive via qlen_notify(). Most qdiscs do not expect such behaviour at this point in time and may re-activate the class eventually anyways which will lead to a use-after-free. The referenced fix commit attempted to fix this behavior for the HFSC case by moving the backlog accounting around, though this turned out to be incomplete since the parent's parent may run into the issue too. The following reproducer demonstrates this use-after-free: tc qdisc add dev lo root handle 1: drr tc filter add dev lo parent 1: basic classid 1:1 tc class add dev lo parent 1: classid 1:1 drr tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1 tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0 tc qdisc add dev lo parent 2:1 handle 3: netem tc qdisc add dev lo parent 3:1 handle 4: blackhole echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 tc class delete dev lo classid 1:1 echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 Since backlog accounting issues leading to a use-after-frees on stale class pointers is a recurring pattern at this point, this patch takes a different approach. Instead of trying to fix the accounting, the patch ensures that qdisc_tree_reduce_backlog always calls qlen_notify when the child qdisc is empty. This solves the problem because deletion of qdiscs always involves a call to qdisc_reset() and / or qdisc_purge_queue() which ultimately resets its qlen to 0 thus causing the following qdisc_tree_reduce_backlog() to report to the parent. Note that this may call qlen_notify on passive classes multiple times. This is not a problem after the recent patch series that made all the classful qdiscs qlen_notify() handlers idempotent. CVE-2025-38350 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38350.html CVE-2025-38350 https://bugzilla.suse.com/1246781 SUSE Bug 1246781 https://bugzilla.suse.com/1247043 SUSE Bug 1247043 In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo parent 1: classid 1:1 htb rate 64bit tc qdisc add dev lo parent 1:1 handle 2: netem tc qdisc add dev lo parent 2:1 handle 3: blackhole ping -I lo -c1 -W0.001 127.0.0.1 The root cause is the following: 1. htb_dequeue calls htb_dequeue_tree which calls the dequeue handler on the selected leaf qdisc 2. netem_dequeue calls enqueue on the child qdisc 3. blackhole_enqueue drops the packet and returns a value that is not just NET_XMIT_SUCCESS 4. Because of this, netem_dequeue calls qdisc_tree_reduce_backlog, and since qlen is now 0, it calls htb_qlen_notify -> htb_deactivate -> htb_deactiviate_prios -> htb_remove_class_from_row -> htb_safe_rb_erase 5. As this is the only class in the selected hprio rbtree, __rb_change_child in __rb_erase_augmented sets the rb_root pointer to NULL 6. Because blackhole_dequeue returns NULL, netem_dequeue returns NULL, which causes htb_dequeue_tree to call htb_lookup_leaf with the same hprio rbtree, and fail the BUG_ON The function graph for this scenario is shown here: 0) | htb_enqueue() { 0) + 13.635 us | netem_enqueue(); 0) 4.719 us | htb_activate_prios(); 0) # 2249.199 us | } 0) | htb_dequeue() { 0) 2.355 us | htb_lookup_leaf(); 0) | netem_dequeue() { 0) + 11.061 us | blackhole_enqueue(); 0) | qdisc_tree_reduce_backlog() { 0) | qdisc_lookup_rcu() { 0) 1.873 us | qdisc_match_from_root(); 0) 6.292 us | } 0) 1.894 us | htb_search(); 0) | htb_qlen_notify() { 0) 2.655 us | htb_deactivate_prios(); 0) 6.933 us | } 0) + 25.227 us | } 0) 1.983 us | blackhole_dequeue(); 0) + 86.553 us | } 0) # 2932.761 us | qdisc_warn_nonwc(); 0) | htb_lookup_leaf() { 0) | BUG_ON(); ------------------------------------------ The full original bug report can be seen here [1]. We can fix this just by returning NULL instead of the BUG_ON, as htb_dequeue_tree returns NULL when htb_lookup_leaf returns NULL. [1] https://lore.kernel.org/netdev/pF5XOOIim0IuEfhI-SOxTgRvNoDwuux7UHKnE_Y5-zVd4wmGvNk2ceHjKb8ORnzw0cGwfmVu42g9dL7XyJLf1NEzaztboTWcm0Ogxuojoeo=@willsroot.io/ CVE-2025-38468 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38468.html CVE-2025-38468 https://bugzilla.suse.com/1247437 SUSE Bug 1247437 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats. CVE-2025-38477 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38477.html CVE-2025-38477 https://bugzilla.suse.com/1247314 SUSE Bug 1247314 https://bugzilla.suse.com/1247315 SUSE Bug 1247315 In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used. CVE-2025-38494 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38494.html CVE-2025-38494 https://bugzilla.suse.com/1247349 SUSE Bug 1247349 https://bugzilla.suse.com/1247350 SUSE Bug 1247350 In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7. CVE-2025-38495 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38495.html CVE-2025-38495 https://bugzilla.suse.com/1247348 SUSE Bug 1247348 https://bugzilla.suse.com/1247351 SUSE Bug 1247351 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately. CVE-2025-38497 Container suse/sle-micro-rancher/5.3:latest:kernel-default-5.14.21-150400.24.173.1 Container suse/sle-micro-rancher/5.4:latest:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-64kb-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kernel-zfcpdump-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server 15 SP4-LTSS:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-devel-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-docs-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-macros-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-obs-build-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-source-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kernel-syms-5.14.21-150400.24.173.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Proxy LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Proxy LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 SUSE Manager Server LTS 4.3:kernel-default-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-devel-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-macros-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-source-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-syms-5.14.21-150400.24.173.1 SUSE Manager Server LTS 4.3:kernel-zfcpdump-5.14.21-150400.24.173.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1/ https://www.suse.com/security/cve/CVE-2025-38497.html CVE-2025-38497 https://bugzilla.suse.com/1247347 SUSE Bug 1247347