Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:03344-1 Final 1 1 2025-09-24T13:34:27Z current 2025-09-24T13:34:27Z 2025-09-24T13:34:27Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usb_udc_uevent() (bsc#1245110). - CVE-2022-50116: kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path (bsc#1244824). - CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780). - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-53093: nvme-multipath: defer partition scanning (bsc#1233640). - CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). - CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1248614). - CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164). - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). - CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). - CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956). - CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). - CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). - CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). - CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437). - CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247314). - CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). - CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976). - CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223). - CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248297). - CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312). - CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306). - CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338). - CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1248621). - CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511). - CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748). The following non-security bugs were fixed: - Disable N_GSM (jsc#PED-8240). - NFSv4.1: fix backchannel max_resp_sz verification check (bsc#1247518). - NFSv4: fairly test all delegations on a SEQ4_ revocation (bsc#1246211). - kabi fix for NFSv4: fairly test all delegations on a SEQ4_ revocation (bsc#1246211). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/sle-micro/base-5.5:latest-2025-3344,Container suse/sle-micro/kvm-5.5:latest-2025-3344,SUSE-2025-3344,SUSE-SLE-Micro-5.5-2025-3344,SUSE-SLE-Module-Live-Patching-15-SP5-2025-3344,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3344,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3344,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3344,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3344 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ Link for SUSE-SU-2025:03344-1 https://lists.suse.com/pipermail/sle-updates/2025-September/041838.html E-Mail link for SUSE-SU-2025:03344-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1229334 SUSE Bug 1229334 https://bugzilla.suse.com/1233640 SUSE Bug 1233640 https://bugzilla.suse.com/1234896 SUSE Bug 1234896 https://bugzilla.suse.com/1236333 SUSE Bug 1236333 https://bugzilla.suse.com/1237164 SUSE Bug 1237164 https://bugzilla.suse.com/1240799 SUSE Bug 1240799 https://bugzilla.suse.com/1242414 SUSE Bug 1242414 https://bugzilla.suse.com/1242780 SUSE Bug 1242780 https://bugzilla.suse.com/1244309 SUSE Bug 1244309 https://bugzilla.suse.com/1244824 SUSE Bug 1244824 https://bugzilla.suse.com/1245110 SUSE Bug 1245110 https://bugzilla.suse.com/1245506 SUSE Bug 1245506 https://bugzilla.suse.com/1245711 SUSE Bug 1245711 https://bugzilla.suse.com/1245956 SUSE Bug 1245956 https://bugzilla.suse.com/1245970 SUSE Bug 1245970 https://bugzilla.suse.com/1245986 SUSE Bug 1245986 https://bugzilla.suse.com/1246211 SUSE Bug 1246211 https://bugzilla.suse.com/1246473 SUSE Bug 1246473 https://bugzilla.suse.com/1246781 SUSE Bug 1246781 https://bugzilla.suse.com/1246911 SUSE Bug 1246911 https://bugzilla.suse.com/1247143 SUSE Bug 1247143 https://bugzilla.suse.com/1247314 SUSE Bug 1247314 https://bugzilla.suse.com/1247347 SUSE Bug 1247347 https://bugzilla.suse.com/1247348 SUSE Bug 1247348 https://bugzilla.suse.com/1247349 SUSE Bug 1247349 https://bugzilla.suse.com/1247374 SUSE Bug 1247374 https://bugzilla.suse.com/1247437 SUSE Bug 1247437 https://bugzilla.suse.com/1247518 SUSE Bug 1247518 https://bugzilla.suse.com/1247976 SUSE Bug 1247976 https://bugzilla.suse.com/1248223 SUSE Bug 1248223 https://bugzilla.suse.com/1248297 SUSE Bug 1248297 https://bugzilla.suse.com/1248306 SUSE Bug 1248306 https://bugzilla.suse.com/1248312 SUSE Bug 1248312 https://bugzilla.suse.com/1248338 SUSE Bug 1248338 https://bugzilla.suse.com/1248511 SUSE Bug 1248511 https://bugzilla.suse.com/1248614 SUSE Bug 1248614 https://bugzilla.suse.com/1248621 SUSE Bug 1248621 https://bugzilla.suse.com/1248748 SUSE Bug 1248748 https://bugzilla.suse.com/1249353 SUSE Bug 1249353 https://www.suse.com/security/cve/CVE-2022-49980/ SUSE CVE CVE-2022-49980 page https://www.suse.com/security/cve/CVE-2022-50116/ SUSE CVE CVE-2022-50116 page https://www.suse.com/security/cve/CVE-2023-53117/ SUSE CVE CVE-2023-53117 page https://www.suse.com/security/cve/CVE-2024-42265/ SUSE CVE CVE-2024-42265 page https://www.suse.com/security/cve/CVE-2024-53093/ SUSE CVE CVE-2024-53093 page https://www.suse.com/security/cve/CVE-2024-53177/ SUSE CVE CVE-2024-53177 page https://www.suse.com/security/cve/CVE-2024-57947/ SUSE CVE CVE-2024-57947 page https://www.suse.com/security/cve/CVE-2024-58239/ SUSE CVE CVE-2024-58239 page https://www.suse.com/security/cve/CVE-2025-21701/ SUSE CVE CVE-2025-21701 page https://www.suse.com/security/cve/CVE-2025-21971/ SUSE CVE CVE-2025-21971 page https://www.suse.com/security/cve/CVE-2025-37798/ SUSE CVE CVE-2025-37798 page https://www.suse.com/security/cve/CVE-2025-38088/ SUSE CVE CVE-2025-38088 page https://www.suse.com/security/cve/CVE-2025-38120/ SUSE CVE CVE-2025-38120 page https://www.suse.com/security/cve/CVE-2025-38177/ SUSE CVE CVE-2025-38177 page https://www.suse.com/security/cve/CVE-2025-38180/ SUSE CVE CVE-2025-38180 page https://www.suse.com/security/cve/CVE-2025-38184/ SUSE CVE CVE-2025-38184 page https://www.suse.com/security/cve/CVE-2025-38323/ SUSE CVE CVE-2025-38323 page https://www.suse.com/security/cve/CVE-2025-38350/ SUSE CVE CVE-2025-38350 page https://www.suse.com/security/cve/CVE-2025-38352/ SUSE CVE CVE-2025-38352 page https://www.suse.com/security/cve/CVE-2025-38460/ SUSE CVE CVE-2025-38460 page https://www.suse.com/security/cve/CVE-2025-38468/ SUSE CVE CVE-2025-38468 page https://www.suse.com/security/cve/CVE-2025-38477/ SUSE CVE CVE-2025-38477 page https://www.suse.com/security/cve/CVE-2025-38494/ SUSE CVE CVE-2025-38494 page https://www.suse.com/security/cve/CVE-2025-38495/ SUSE CVE CVE-2025-38495 page https://www.suse.com/security/cve/CVE-2025-38497/ SUSE CVE CVE-2025-38497 page https://www.suse.com/security/cve/CVE-2025-38498/ SUSE CVE CVE-2025-38498 page https://www.suse.com/security/cve/CVE-2025-38499/ SUSE CVE CVE-2025-38499 page https://www.suse.com/security/cve/CVE-2025-38546/ SUSE CVE CVE-2025-38546 page https://www.suse.com/security/cve/CVE-2025-38555/ SUSE CVE CVE-2025-38555 page https://www.suse.com/security/cve/CVE-2025-38560/ SUSE CVE CVE-2025-38560 page https://www.suse.com/security/cve/CVE-2025-38563/ SUSE CVE CVE-2025-38563 page https://www.suse.com/security/cve/CVE-2025-38608/ SUSE CVE CVE-2025-38608 page https://www.suse.com/security/cve/CVE-2025-38617/ SUSE CVE CVE-2025-38617 page https://www.suse.com/security/cve/CVE-2025-38618/ SUSE CVE CVE-2025-38618 page https://www.suse.com/security/cve/CVE-2025-38644/ SUSE CVE CVE-2025-38644 page Container suse/sle-micro/base-5.5:latest Container suse/sle-micro/kvm-5.5:latest SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS SUSE Linux Enterprise Live Patching 15 SP5 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-default-5.14.21-150500.55.121.2 kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 cluster-md-kmp-64kb-5.14.21-150500.55.121.2 cluster-md-kmp-default-5.14.21-150500.55.121.2 dlm-kmp-64kb-5.14.21-150500.55.121.2 dlm-kmp-default-5.14.21-150500.55.121.2 dtb-allwinner-5.14.21-150500.55.121.1 dtb-altera-5.14.21-150500.55.121.1 dtb-amazon-5.14.21-150500.55.121.1 dtb-amd-5.14.21-150500.55.121.1 dtb-amlogic-5.14.21-150500.55.121.1 dtb-apm-5.14.21-150500.55.121.1 dtb-apple-5.14.21-150500.55.121.1 dtb-arm-5.14.21-150500.55.121.1 dtb-broadcom-5.14.21-150500.55.121.1 dtb-cavium-5.14.21-150500.55.121.1 dtb-exynos-5.14.21-150500.55.121.1 dtb-freescale-5.14.21-150500.55.121.1 dtb-hisilicon-5.14.21-150500.55.121.1 dtb-lg-5.14.21-150500.55.121.1 dtb-marvell-5.14.21-150500.55.121.1 dtb-mediatek-5.14.21-150500.55.121.1 dtb-nvidia-5.14.21-150500.55.121.1 dtb-qcom-5.14.21-150500.55.121.1 dtb-renesas-5.14.21-150500.55.121.1 dtb-rockchip-5.14.21-150500.55.121.1 dtb-socionext-5.14.21-150500.55.121.1 dtb-sprd-5.14.21-150500.55.121.1 dtb-xilinx-5.14.21-150500.55.121.1 gfs2-kmp-64kb-5.14.21-150500.55.121.2 gfs2-kmp-default-5.14.21-150500.55.121.2 kernel-64kb-5.14.21-150500.55.121.2 kernel-64kb-devel-5.14.21-150500.55.121.2 kernel-64kb-extra-5.14.21-150500.55.121.2 kernel-64kb-optional-5.14.21-150500.55.121.2 kernel-default-base-rebuild-5.14.21-150500.55.121.2.150500.6.57.2 kernel-default-devel-5.14.21-150500.55.121.2 kernel-default-extra-5.14.21-150500.55.121.2 kernel-default-livepatch-5.14.21-150500.55.121.2 kernel-default-livepatch-devel-5.14.21-150500.55.121.2 kernel-default-optional-5.14.21-150500.55.121.2 kernel-default-vdso-5.14.21-150500.55.121.2 kernel-devel-5.14.21-150500.55.121.2 kernel-docs-5.14.21-150500.55.121.1 kernel-docs-html-5.14.21-150500.55.121.1 kernel-kvmsmall-5.14.21-150500.55.121.2 kernel-kvmsmall-devel-5.14.21-150500.55.121.2 kernel-kvmsmall-vdso-5.14.21-150500.55.121.2 kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 kernel-macros-5.14.21-150500.55.121.2 kernel-obs-build-5.14.21-150500.55.121.1 kernel-obs-qa-5.14.21-150500.55.121.1 kernel-source-5.14.21-150500.55.121.2 kernel-source-vanilla-5.14.21-150500.55.121.2 kernel-syms-5.14.21-150500.55.121.1 kernel-zfcpdump-5.14.21-150500.55.121.2 kselftests-kmp-64kb-5.14.21-150500.55.121.2 kselftests-kmp-default-5.14.21-150500.55.121.2 ocfs2-kmp-64kb-5.14.21-150500.55.121.2 ocfs2-kmp-default-5.14.21-150500.55.121.2 reiserfs-kmp-64kb-5.14.21-150500.55.121.2 reiserfs-kmp-default-5.14.21-150500.55.121.2 kernel-default-5.14.21-150500.55.121.2 as a component of Container suse/sle-micro/base-5.5:latest kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 as a component of Container suse/sle-micro/kvm-5.5:latest cluster-md-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS dlm-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS gfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-64kb-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-64kb-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-default-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-docs-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-macros-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-obs-build-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-source-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS kernel-syms-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ocfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS cluster-md-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS dlm-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS gfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-64kb-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-64kb-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-default-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-docs-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-macros-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-obs-build-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-source-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-syms-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ocfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS kernel-default-livepatch-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Live Patching 15 SP5 kernel-default-livepatch-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Live Patching 15 SP5 kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 as a component of SUSE Linux Enterprise Live Patching 15 SP5 kernel-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Micro 5.5 kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 as a component of SUSE Linux Enterprise Micro 5.5 kernel-macros-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Micro 5.5 cluster-md-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS dlm-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS gfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-64kb-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-64kb-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-default-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-docs-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-macros-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-obs-build-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-source-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-syms-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS kernel-zfcpdump-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS ocfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS reiserfs-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS cluster-md-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 dlm-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 gfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-default-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-devel-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-docs-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-macros-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-obs-build-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-source-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 kernel-syms-5.14.21-150500.55.121.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 ocfs2-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 reiserfs-kmp-default-5.14.21-150500.55.121.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------------------------------------------- BUG: KASAN: use-after-free in usb_udc_uevent+0x11f/0x130 drivers/usb/gadget/udc/core.c:1732 Read of size 8 at addr ffff888078ce2050 by task udevd/2968 CPU: 1 PID: 2968 Comm: udevd Not tainted 5.19.0-rc4-next-20220628-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:317 [inline] print_report.cold+0x2ba/0x719 mm/kasan/report.c:433 kasan_report+0xbe/0x1f0 mm/kasan/report.c:495 usb_udc_uevent+0x11f/0x130 drivers/usb/gadget/udc/core.c:1732 dev_uevent+0x290/0x770 drivers/base/core.c:2424 --------------------------------------------------------------- The bug occurs because usb_udc_uevent() dereferences udc->driver but does so without acquiring the udc_lock mutex, which protects this field. If the gadget driver is unbound from the udc concurrently with uevent processing, the driver structure may be accessed after it has been deallocated. To prevent the race, we make sure that the routine holds the mutex around the racing accesses. CVE-2022-49980 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2022-49980.html CVE-2022-49980 https://bugzilla.suse.com/1245110 SUSE Bug 1245110 https://bugzilla.suse.com/1245111 SUSE Bug 1245111 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the upper and the lower layer are hard coupled in the code. Due to this deadlocks can happen as seen below while transmitting data, especially during ldisc congestion. Furthermore, the data channels starve the control channel on high transmission load on the ldisc. Introduce an additional control channel data queue to prevent timeouts and link hangups during ldisc congestion. This is being processed before the user channel data queue in gsm_data_kick(), i.e. with the highest priority. Put the queue to ldisc data path into a workqueue and trigger it whenever new data has been put into the transmission queue. Change gsm_dlci_data_sweep() accordingly to fill up the transmission queue until TX_THRESH_HI. This solves the locking issue, keeps latency low and provides good performance on high data load. Note that now all packets from a DLCI are removed from the internal queue if the associated DLCI was closed. This ensures that no data is sent by the introduced write task to an already closed DLCI. BUG: spinlock recursion on CPU#0, test_v24_loop/124 lock: serial8250_ports+0x3a8/0x7500, .magic: dead4ead, .owner: test_v24_loop/124, .owner_cpu: 0 CPU: 0 PID: 124 Comm: test_v24_loop Tainted: G O 5.18.0-rc2 #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Call Trace: <IRQ> dump_stack_lvl+0x34/0x44 do_raw_spin_lock+0x76/0xa0 _raw_spin_lock_irqsave+0x72/0x80 uart_write_room+0x3b/0xc0 gsm_data_kick+0x14b/0x240 [n_gsm] gsmld_write_wakeup+0x35/0x70 [n_gsm] tty_wakeup+0x53/0x60 tty_port_default_wakeup+0x1b/0x30 serial8250_tx_chars+0x12f/0x220 serial8250_handle_irq.part.0+0xfe/0x150 serial8250_default_handle_irq+0x48/0x80 serial8250_interrupt+0x56/0xa0 __handle_irq_event_percpu+0x78/0x1f0 handle_irq_event+0x34/0x70 handle_fasteoi_irq+0x90/0x1e0 __common_interrupt+0x69/0x100 common_interrupt+0x48/0xc0 asm_common_interrupt+0x1e/0x40 RIP: 0010:__do_softirq+0x83/0x34e Code: 2a 0a ff 0f b7 ed c7 44 24 10 0a 00 00 00 48 c7 c7 51 2a 64 82 e8 2d e2 d5 ff 65 66 c7 05 83 af 1e 7e 00 00 fb b8 ff ff ff ff <49> c7 c2 40 61 80 82 0f bc c5 41 89 c4 41 83 c4 01 0f 84 e6 00 00 RSP: 0018:ffffc90000003f98 EFLAGS: 00000286 RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffffffff82642a51 RDI: ffffffff825bb5e7 RBP: 0000000000000200 R08: 00000008de3271a8 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000030 R14: 0000000000000000 R15: 0000000000000000 ? __do_softirq+0x73/0x34e irq_exit_rcu+0xb5/0x100 common_interrupt+0xa4/0xc0 </IRQ> <TASK> asm_common_interrupt+0x1e/0x40 RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50 Code: 00 55 48 89 fd 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 85 28 36 ff 48 89 ef e8 cd 58 36 ff 80 e7 02 74 01 fb bf 01 00 00 00 <e8> 3d 97 33 ff 65 8b 05 96 23 2b 7e 85 c0 74 03 5b 5d c3 0f 1f 44 RSP: 0018:ffffc9000020fd08 EFLAGS: 00000202 RAX: 0000000000000000 RBX: 0000000000000246 RCX: 0000000000000000 RDX: 0000000000000004 RSI: ffffffff8257fd74 RDI: 0000000000000001 RBP: ffff8880057de3a0 R08: 00000008de233000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000100 R14: 0000000000000202 R15: ffff8880057df0b8 ? _raw_spin_unlock_irqrestore+0x23/0x50 gsmtty_write+0x65/0x80 [n_gsm] n_tty_write+0x33f/0x530 ? swake_up_all+0xe0/0xe0 file_tty_write.constprop.0+0x1b1/0x320 ? n_tty_flush_buffer+0xb0/0xb0 new_sync_write+0x10c/0x190 vfs_write+0x282/0x310 ksys_write+0x68/0xe0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f3e5e35c15c Code: 8b 7c 24 08 89 c5 e8 c5 ff ff ff 89 ef 89 44 24 ---truncated--- CVE-2022-50116 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2022-50116.html CVE-2022-50116 https://bugzilla.suse.com/1244824 SUSE Bug 1244824 In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369 CVE-2023-53117 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2023-53117.html CVE-2023-53117 https://bugzilla.suse.com/1242780 SUSE Bug 1242780 In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That's wrong for the same reasons why it's wrong in close_fd()/file_close_fd_locked(); the same solution applies - array_index_nospec(fd, fdt->max_fds) could differ from fd only in case of speculative execution on mispredicted path. CVE-2024-42265 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2024-42265.html CVE-2024-42265 https://bugzilla.suse.com/1229334 SUSE Bug 1229334 In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes available or all paths are torn down, but that action also occurs within scan_work, so it would deadlock. Defer the partion scan to a different context that does not block scan_work. CVE-2024-53093 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2024-53093.html CVE-2024-53093 https://bugzilla.suse.com/1233640 SUSE Bug 1233640 In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in open_cached_dir() freeing the cfid while the queued work is pending. Update open_cached_dir() to drop refs rather than directly freeing the cfid. Have cached_dir_lease_break(), cfids_laundromat_worker(), and invalidate_all_cached_dirs() clear has_lease immediately while still holding cfids->cfid_list_lock, and then use this to also simplify the reference counting in cfids_laundromat_worker() and invalidate_all_cached_dirs(). Fixes this KASAN splat (which manually injects an error and lease break in open_cached_dir()): ================================================================== BUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0 Read of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65 CPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Workqueue: cifsiod smb2_cached_lease_break Call Trace: <TASK> dump_stack_lvl+0x77/0xb0 print_report+0xce/0x660 kasan_report+0xd3/0x110 smb2_cached_lease_break+0x27/0xb0 process_one_work+0x50a/0xc50 worker_thread+0x2ba/0x530 kthread+0x17c/0x1c0 ret_from_fork+0x34/0x60 ret_from_fork_asm+0x1a/0x30 </TASK> Allocated by task 2464: kasan_save_stack+0x33/0x60 kasan_save_track+0x14/0x30 __kasan_kmalloc+0xaa/0xb0 open_cached_dir+0xa7d/0x1fb0 smb2_query_path_info+0x43c/0x6e0 cifs_get_fattr+0x346/0xf10 cifs_get_inode_info+0x157/0x210 cifs_revalidate_dentry_attr+0x2d1/0x460 cifs_getattr+0x173/0x470 vfs_statx_path+0x10f/0x160 vfs_statx+0xe9/0x150 vfs_fstatat+0x5e/0xc0 __do_sys_newfstatat+0x91/0xf0 do_syscall_64+0x95/0x1a0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Freed by task 2464: kasan_save_stack+0x33/0x60 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3b/0x60 __kasan_slab_free+0x51/0x70 kfree+0x174/0x520 open_cached_dir+0x97f/0x1fb0 smb2_query_path_info+0x43c/0x6e0 cifs_get_fattr+0x346/0xf10 cifs_get_inode_info+0x157/0x210 cifs_revalidate_dentry_attr+0x2d1/0x460 cifs_getattr+0x173/0x470 vfs_statx_path+0x10f/0x160 vfs_statx+0xe9/0x150 vfs_fstatat+0x5e/0xc0 __do_sys_newfstatat+0x91/0xf0 do_syscall_64+0x95/0x1a0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Last potentially related work creation: kasan_save_stack+0x33/0x60 __kasan_record_aux_stack+0xad/0xc0 insert_work+0x32/0x100 __queue_work+0x5c9/0x870 queue_work_on+0x82/0x90 open_cached_dir+0x1369/0x1fb0 smb2_query_path_info+0x43c/0x6e0 cifs_get_fattr+0x346/0xf10 cifs_get_inode_info+0x157/0x210 cifs_revalidate_dentry_attr+0x2d1/0x460 cifs_getattr+0x173/0x470 vfs_statx_path+0x10f/0x160 vfs_statx+0xe9/0x150 vfs_fstatat+0x5e/0xc0 __do_sys_newfstatat+0x91/0xf0 do_syscall_64+0x95/0x1a0 entry_SYSCALL_64_after_hwframe+0x76/0x7e The buggy address belongs to the object at ffff88811cc24c00 which belongs to the cache kmalloc-1k of size 1024 The buggy address is located 16 bytes inside of freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000) CVE-2024-53177 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2024-53177.html CVE-2024-53177 https://bugzilla.suse.com/1234896 SUSE Bug 1234896 https://bugzilla.suse.com/1235103 SUSE Bug 1235103 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result and the fill map are swapped, so if we have a set where f->bsize of the first element is smaller than m->bsize_max, those one-bits are leaked into future rounds result map. This makes pipapo find an incorrect matching results for sets where first field size is not the largest. Followup patch adds a test case to nft_concat_range.sh selftest script. Thanks to Stefano Brivio for pointing out that we need to zero out the remainder explicitly, only correcting memset() argument isn't enough. CVE-2024-57947 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2024-57947.html CVE-2024-57947 https://bugzilla.suse.com/1236333 SUSE Bug 1236333 https://bugzilla.suse.com/1245799 SUSE Bug 1245799 In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of the same type still on the queue, we will end up merging them: - process_rx_list copies the non-DATA record - we start the loop and process the first available record since it's of the same type - we break out of the loop since the record was not DATA Just check the record type and jump to the end in case process_rx_list did some work. CVE-2024-58239 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2024-58239.html CVE-2024-58239 https://bugzilla.suse.com/1248614 SUSE Bug 1248614 https://bugzilla.suse.com/1248615 SUSE Bug 1248615 In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120 CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771 RIP: 0010:__mutex_lock+0xc8a/0x1120 Call Trace: <TASK> ethtool_check_max_channel+0x1ea/0x880 ethnl_set_channels+0x3c3/0xb10 ethnl_default_set_doit+0x306/0x650 genl_family_rcv_msg_doit+0x1e3/0x2c0 genl_rcv_msg+0x432/0x6f0 netlink_rcv_skb+0x13d/0x3b0 genl_rcv+0x28/0x40 netlink_unicast+0x42e/0x720 netlink_sendmsg+0x765/0xc20 __sys_sendto+0x3ac/0x420 __x64_sys_sendto+0xe0/0x1c0 do_syscall_64+0x95/0x180 entry_SYSCALL_64_after_hwframe+0x76/0x7e This is because unregister_netdevice_many_notify might run before the rtnl lock section of ethnl operations, eg. set_channels in the above example. In this example the rss lock would be destroyed by the device unregistration path before being used again, but in general running ethnl operations while dismantle has started is not a good idea. Fix this by denying any operation on devices being unregistered. A check was already there in ethnl_ops_begin, but not wide enough. Note that the same issue cannot be seen on the ioctl version (__dev_ethtool) because the device reference is retrieved from within the rtnl lock section there. Once dismantle started, the net device is unlisted and no reference will be found. CVE-2025-21701 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-21701.html CVE-2025-21701 https://bugzilla.suse.com/1237164 SUSE Bug 1237164 https://bugzilla.suse.com/1245805 SUSE Bug 1245805 In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created with classid TC_H_ROOT, the traversal terminates prematurely at this class instead of reaching the actual root qdisc, causing parent statistics to be incorrectly maintained. In case of DRR, this could lead to a crash as reported by Mingi Cho. Prevent the creation of any Qdisc class with classid TC_H_ROOT (0xFFFFFFFF) across all qdisc types, as suggested by Jamal. CVE-2025-21971 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-21971.html CVE-2025-21971 https://bugzilla.suse.com/1240799 SUSE Bug 1240799 https://bugzilla.suse.com/1245794 SUSE Bug 1245794 In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue(). CVE-2025-37798 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-37798.html CVE-2025-37798 https://bugzilla.suse.com/1242414 SUSE Bug 1242414 https://bugzilla.suse.com/1242417 SUSE Bug 1242417 In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size. CVE-2025-38088 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38088.html CVE-2025-38088 https://bugzilla.suse.com/1245506 SUSE Bug 1245506 https://bugzilla.suse.com/1245507 SUSE Bug 1245507 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and did only fix up the generic C implementation. A followup patch adds a test case to nft_concat_range.sh. CVE-2025-38120 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38120.html CVE-2025-38120 https://bugzilla.suse.com/1245711 SUSE Bug 1245711 In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe. CVE-2025-38177 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38177.html CVE-2025-38177 https://bugzilla.suse.com/1245986 SUSE Bug 1245986 https://bugzilla.suse.com/1246356 SUSE Bug 1246356 In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF. CVE-2025-38180 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38180.html CVE-2025-38180 https://bugzilla.suse.com/1245970 SUSE Bug 1245970 https://bugzilla.suse.com/1245971 SUSE Bug 1245971 In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun tipc: Started in network mode tipc: Node identity 8af312d38a21, cluster identity 4711 tipc: Enabled bearer <eth:syz_tun>, priority 1 Oops: general protection fault KASAN: null-ptr-deref in range CPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT Hardware name: QEMU Ubuntu 24.04 PC RIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0 the ub was in fact a struct dev. when bid != 0 && skip_cnt != 0, bearer_list[bid] may be NULL or other media when other thread changes it. fix this by checking media_id. CVE-2025-38184 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38184.html CVE-2025-38184 https://bugzilla.suse.com/1245956 SUSE Bug 1245956 In the Linux kernel, the following vulnerability has been resolved: net: atm: add lec_mutex syzbot found its way in net/atm/lec.c, and found an error path in lecd_attach() could leave a dangling pointer in dev_lec[]. Add a mutex to protect dev_lecp[] uses from lecd_attach(), lec_vcc_attach() and lec_mcast_attach(). Following patch will use this mutex for /proc/net/atm/lec. BUG: KASAN: slab-use-after-free in lecd_attach net/atm/lec.c:751 [inline] BUG: KASAN: slab-use-after-free in lane_ioctl+0x2224/0x23e0 net/atm/lec.c:1008 Read of size 8 at addr ffff88807c7b8e68 by task syz.1.17/6142 CPU: 1 UID: 0 PID: 6142 Comm: syz.1.17 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0xcd/0x680 mm/kasan/report.c:521 kasan_report+0xe0/0x110 mm/kasan/report.c:634 lecd_attach net/atm/lec.c:751 [inline] lane_ioctl+0x2224/0x23e0 net/atm/lec.c:1008 do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159 sock_do_ioctl+0x118/0x280 net/socket.c:1190 sock_ioctl+0x227/0x6b0 net/socket.c:1311 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl fs/ioctl.c:893 [inline] __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> Allocated by task 6132: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4328 [inline] __kvmalloc_node_noprof+0x27b/0x620 mm/slub.c:5015 alloc_netdev_mqs+0xd2/0x1570 net/core/dev.c:11711 lecd_attach net/atm/lec.c:737 [inline] lane_ioctl+0x17db/0x23e0 net/atm/lec.c:1008 do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159 sock_do_ioctl+0x118/0x280 net/socket.c:1190 sock_ioctl+0x227/0x6b0 net/socket.c:1311 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl fs/ioctl.c:893 [inline] __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 6132: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:576 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x51/0x70 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:233 [inline] slab_free_hook mm/slub.c:2381 [inline] slab_free mm/slub.c:4643 [inline] kfree+0x2b4/0x4d0 mm/slub.c:4842 free_netdev+0x6c5/0x910 net/core/dev.c:11892 lecd_attach net/atm/lec.c:744 [inline] lane_ioctl+0x1ce8/0x23e0 net/atm/lec.c:1008 do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159 sock_do_ioctl+0x118/0x280 net/socket.c:1190 sock_ioctl+0x227/0x6b0 net/socket.c:1311 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl fs/ioctl.c:893 [inline] __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893 CVE-2025-38323 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38323.html CVE-2025-38323 https://bugzilla.suse.com/1246473 SUSE Bug 1246473 https://bugzilla.suse.com/1246525 SUSE Bug 1246525 In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight class passive via qlen_notify(). Most qdiscs do not expect such behaviour at this point in time and may re-activate the class eventually anyways which will lead to a use-after-free. The referenced fix commit attempted to fix this behavior for the HFSC case by moving the backlog accounting around, though this turned out to be incomplete since the parent's parent may run into the issue too. The following reproducer demonstrates this use-after-free: tc qdisc add dev lo root handle 1: drr tc filter add dev lo parent 1: basic classid 1:1 tc class add dev lo parent 1: classid 1:1 drr tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1 tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0 tc qdisc add dev lo parent 2:1 handle 3: netem tc qdisc add dev lo parent 3:1 handle 4: blackhole echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 tc class delete dev lo classid 1:1 echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 Since backlog accounting issues leading to a use-after-frees on stale class pointers is a recurring pattern at this point, this patch takes a different approach. Instead of trying to fix the accounting, the patch ensures that qdisc_tree_reduce_backlog always calls qlen_notify when the child qdisc is empty. This solves the problem because deletion of qdiscs always involves a call to qdisc_reset() and / or qdisc_purge_queue() which ultimately resets its qlen to 0 thus causing the following qdisc_tree_reduce_backlog() to report to the parent. Note that this may call qlen_notify on passive classes multiple times. This is not a problem after the recent patch series that made all the classful qdiscs qlen_notify() handlers idempotent. CVE-2025-38350 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38350.html CVE-2025-38350 https://bugzilla.suse.com/1246781 SUSE Bug 1246781 https://bugzilla.suse.com/1247043 SUSE Bug 1247043 In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand(). If a concurrent posix_cpu_timer_del() runs at that moment, it won't be able to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail. Add the tsk->exit_state check into run_posix_cpu_timers() to fix this. This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case. CVE-2025-38352 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38352.html CVE-2025-38352 https://bugzilla.suse.com/1246911 SUSE Bug 1246911 https://bugzilla.suse.com/1249205 SUSE Bug 1249205 In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in to_atmarpd(). atmarpd is protected by RTNL since commit f3a0592b37b8 ("[ATM]: clip causes unregister hang"). However, it is not enough because to_atmarpd() is called without RTNL, especially clip_neigh_solicit() / neigh_ops->solicit() is unsleepable. Also, there is no RTNL dependency around atmarpd. Let's use a private mutex and RCU to protect access to atmarpd in to_atmarpd(). CVE-2025-38460 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38460.html CVE-2025-38460 https://bugzilla.suse.com/1247143 SUSE Bug 1247143 In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo parent 1: classid 1:1 htb rate 64bit tc qdisc add dev lo parent 1:1 handle 2: netem tc qdisc add dev lo parent 2:1 handle 3: blackhole ping -I lo -c1 -W0.001 127.0.0.1 The root cause is the following: 1. htb_dequeue calls htb_dequeue_tree which calls the dequeue handler on the selected leaf qdisc 2. netem_dequeue calls enqueue on the child qdisc 3. blackhole_enqueue drops the packet and returns a value that is not just NET_XMIT_SUCCESS 4. Because of this, netem_dequeue calls qdisc_tree_reduce_backlog, and since qlen is now 0, it calls htb_qlen_notify -> htb_deactivate -> htb_deactiviate_prios -> htb_remove_class_from_row -> htb_safe_rb_erase 5. As this is the only class in the selected hprio rbtree, __rb_change_child in __rb_erase_augmented sets the rb_root pointer to NULL 6. Because blackhole_dequeue returns NULL, netem_dequeue returns NULL, which causes htb_dequeue_tree to call htb_lookup_leaf with the same hprio rbtree, and fail the BUG_ON The function graph for this scenario is shown here: 0) | htb_enqueue() { 0) + 13.635 us | netem_enqueue(); 0) 4.719 us | htb_activate_prios(); 0) # 2249.199 us | } 0) | htb_dequeue() { 0) 2.355 us | htb_lookup_leaf(); 0) | netem_dequeue() { 0) + 11.061 us | blackhole_enqueue(); 0) | qdisc_tree_reduce_backlog() { 0) | qdisc_lookup_rcu() { 0) 1.873 us | qdisc_match_from_root(); 0) 6.292 us | } 0) 1.894 us | htb_search(); 0) | htb_qlen_notify() { 0) 2.655 us | htb_deactivate_prios(); 0) 6.933 us | } 0) + 25.227 us | } 0) 1.983 us | blackhole_dequeue(); 0) + 86.553 us | } 0) # 2932.761 us | qdisc_warn_nonwc(); 0) | htb_lookup_leaf() { 0) | BUG_ON(); ------------------------------------------ The full original bug report can be seen here [1]. We can fix this just by returning NULL instead of the BUG_ON, as htb_dequeue_tree returns NULL when htb_lookup_leaf returns NULL. [1] https://lore.kernel.org/netdev/pF5XOOIim0IuEfhI-SOxTgRvNoDwuux7UHKnE_Y5-zVd4wmGvNk2ceHjKb8ORnzw0cGwfmVu42g9dL7XyJLf1NEzaztboTWcm0Ogxuojoeo=@willsroot.io/ CVE-2025-38468 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38468.html CVE-2025-38468 https://bugzilla.suse.com/1247437 SUSE Bug 1247437 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats. CVE-2025-38477 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38477.html CVE-2025-38477 https://bugzilla.suse.com/1247314 SUSE Bug 1247314 https://bugzilla.suse.com/1247315 SUSE Bug 1247315 In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used. CVE-2025-38494 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38494.html CVE-2025-38494 https://bugzilla.suse.com/1247349 SUSE Bug 1247349 https://bugzilla.suse.com/1247350 SUSE Bug 1247350 In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7. CVE-2025-38495 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38495.html CVE-2025-38495 https://bugzilla.suse.com/1247348 SUSE Bug 1247348 https://bugzilla.suse.com/1247351 SUSE Bug 1247351 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately. CVE-2025-38497 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38497.html CVE-2025-38497 https://bugzilla.suse.com/1247347 SUSE Bug 1247347 In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2). CVE-2025-38498 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38498.html CVE-2025-38498 https://bugzilla.suse.com/1247374 SUSE Bug 1247374 https://bugzilla.suse.com/1247499 SUSE Bug 1247499 In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a result of MNT_LOCKED on a child, but it may also come from lacking admin rights in the userns of the namespace mount belongs to. clone_private_mnt() checks the former, but not the latter. There's a number of rather confusing CAP_SYS_ADMIN checks in various userns during the mount, especially with the new mount API; they serve different purposes and in case of clone_private_mnt() they usually, but not always end up covering the missing check mentioned above. CVE-2025-38499 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38499.html CVE-2025-38499 https://bugzilla.suse.com/1247976 SUSE Bug 1247976 https://bugzilla.suse.com/1248673 SUSE Bug 1248673 In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clip_vcc. ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to vcc->user_back. The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the socket is close()d, and then clip_push() frees clip_vcc. However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in atm_init_atmarp(), resulting in memory leak. Let's serialise two ioctl() by lock_sock() and check vcc->push() in atm_init_atmarp() to prevent memleak. CVE-2025-38546 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38546.html CVE-2025-38546 https://bugzilla.suse.com/1248223 SUSE Bug 1248223 In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in composite_dev_cleanup() 1. In func configfs_composite_bind() -> composite_os_desc_req_prepare(): if kmalloc fails, the pointer cdev->os_desc_req will be freed but not set to NULL. Then it will return a failure to the upper-level function. 2. in func configfs_composite_bind() -> composite_dev_cleanup(): it will checks whether cdev->os_desc_req is NULL. If it is not NULL, it will attempt to use it.This will lead to a use-after-free issue. BUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0 Read of size 8 at addr 0000004827837a00 by task init/1 CPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1 kasan_report+0x188/0x1cc __asan_load8+0xb4/0xbc composite_dev_cleanup+0xf4/0x2c0 configfs_composite_bind+0x210/0x7ac udc_bind_to_driver+0xb4/0x1ec usb_gadget_probe_driver+0xec/0x21c gadget_dev_desc_UDC_store+0x264/0x27c CVE-2025-38555 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38555.html CVE-2025-38555 https://bugzilla.suse.com/1248297 SUSE Bug 1248297 https://bugzilla.suse.com/1248298 SUSE Bug 1248298 In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to touch the first and last byte of each 4K page that is being validated. There is no need to perform the mitigation when performing a page state change to shared and rescinding validation. CPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit that, when set, indicates that the software mitigation for this vulnerability is not needed. Implement the mitigation and invoke it when validating memory (making it private) and the COHERENCY_SFW_NO bit is not set, indicating the SNP guest is vulnerable. CVE-2025-38560 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38560.html CVE-2025-38560 https://bugzilla.suse.com/1248312 SUSE Bug 1248312 https://bugzilla.suse.com/1248313 SUSE Bug 1248313 In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap()'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first mapping is established, subsequent mapping have to use the same offset and the same size in both cases. The reference counting for the ringbuffer and the auxiliary buffer depends on this being correct. Though perf does not prevent that a related mapping is split via mmap(2), munmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls, which take reference counts, but then the subsequent perf_mmap_close() calls are not longer fulfilling the offset and size checks. This leads to reference count leaks. As perf already has the requirement for subsequent mappings to match the initial mapping, the obvious consequence is that VMA splits, caused by resizing of a mapping or partial unmapping, have to be prevented. Implement the vm_operations_struct::may_split() callback and return unconditionally -EINVAL. That ensures that the mapping offsets and sizes cannot be changed after the fact. Remapping to a different fixed address with the same size is still possible as it takes the references for the new mapping and drops those of the old mapping. CVE-2025-38563 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38563.html CVE-2025-38563 https://bugzilla.suse.com/1248306 SUSE Bug 1248306 https://bugzilla.suse.com/1248307 SUSE Bug 1248307 In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, we failed to recalculate the ciphertext length. This results in transmitting buffers containing uninitialized data during ciphertext transmission. This causes uninitialized bytes to be appended after a complete "Application Data" packet, leading to errors on the receiving end when parsing TLS record. CVE-2025-38608 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38608.html CVE-2025-38608 https://bugzilla.suse.com/1248338 SUSE Bug 1248338 https://bugzilla.suse.com/1248670 SUSE Bug 1248670 In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There too the packet_notifier NETDEV_UP event managed to run while a po->bind_lock critical section had to be temporarily released. And the fix was similarly to temporarily set po->num to zero to keep the socket unhooked until the lock is retaken. The po->bind_lock in packet_set_ring and packet_notifier precede the introduction of git history. CVE-2025-38617 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38617.html CVE-2025-38617 https://bugzilla.suse.com/1248621 SUSE Bug 1248621 https://bugzilla.suse.com/1249208 SUSE Bug 1249208 In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not on the list of unbound sockets. Binding it will result in an extra refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep the binding until socket destruction). Modify the check in __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY. CVE-2025-38618 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38618.html CVE-2025-38618 https://bugzilla.suse.com/1248511 SUSE Bug 1248511 https://bugzilla.suse.com/1249207 SUSE Bug 1249207 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before association completed and without prior TDLS setup. This left internal state like sdata->u.mgd.tdls_peer uninitialized, leading to a WARN_ON() in code paths that assumed it was valid. Reject the operation early if not in station mode or not associated. CVE-2025-38644 Container suse/sle-micro/base-5.5:latest:kernel-default-5.14.21-150500.55.121.2 Container suse/sle-micro/kvm-5.5:latest:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-1-150500.11.5.1 SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.121.2.150500.6.57.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.121.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.121.2 SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.121.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1/ https://www.suse.com/security/cve/CVE-2025-38644.html CVE-2025-38644 https://bugzilla.suse.com/1248748 SUSE Bug 1248748 https://bugzilla.suse.com/1248749 SUSE Bug 1248749