Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0855-1 Final 1 1 2025-03-13T12:44:03Z current 2025-03-13T12:44:03Z 2025-03-13T12:44:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768). - CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). - CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). - CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: - net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). - net: netvsc: Update default VMBus channels (bsc#1236757). - scsi: storvsc: Handle SRB status value 0x30 (git-fixes). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/sle-micro-rancher/5.2:latest-2025-855,SUSE-2025-855,SUSE-SLE-Module-Live-Patching-15-SP3-2025-855,SUSE-SLE-Product-HA-15-SP3-2025-855,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-855,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-855,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-855,SUSE-SUSE-MicroOS-5.1-2025-855,SUSE-SUSE-MicroOS-5.2-2025-855,SUSE-Storage-7.1-2025-855 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ Link for SUSE-SU-2025:0855-1 https://lists.suse.com/pipermail/sle-security-updates/2025-March/020509.html E-Mail link for SUSE-SU-2025:0855-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1215420 SUSE Bug 1215420 https://bugzilla.suse.com/1224700 SUSE Bug 1224700 https://bugzilla.suse.com/1225742 SUSE Bug 1225742 https://bugzilla.suse.com/1232919 SUSE Bug 1232919 https://bugzilla.suse.com/1234853 SUSE Bug 1234853 https://bugzilla.suse.com/1234891 SUSE Bug 1234891 https://bugzilla.suse.com/1234963 SUSE Bug 1234963 https://bugzilla.suse.com/1235054 SUSE Bug 1235054 https://bugzilla.suse.com/1235061 SUSE Bug 1235061 https://bugzilla.suse.com/1235073 SUSE Bug 1235073 https://bugzilla.suse.com/1236757 SUSE Bug 1236757 https://bugzilla.suse.com/1236761 SUSE Bug 1236761 https://bugzilla.suse.com/1236821 SUSE Bug 1236821 https://bugzilla.suse.com/1237025 SUSE Bug 1237025 https://bugzilla.suse.com/1237028 SUSE Bug 1237028 https://bugzilla.suse.com/1237139 SUSE Bug 1237139 https://bugzilla.suse.com/1237768 SUSE Bug 1237768 https://bugzilla.suse.com/1238033 SUSE Bug 1238033 https://www.suse.com/security/cve/CVE-2021-47633/ SUSE CVE CVE-2021-47633 page https://www.suse.com/security/cve/CVE-2022-49080/ SUSE CVE CVE-2022-49080 page https://www.suse.com/security/cve/CVE-2023-4244/ SUSE CVE CVE-2023-4244 page https://www.suse.com/security/cve/CVE-2023-52924/ SUSE CVE CVE-2023-52924 page https://www.suse.com/security/cve/CVE-2024-35949/ SUSE CVE CVE-2024-35949 page https://www.suse.com/security/cve/CVE-2024-50115/ SUSE CVE CVE-2024-50115 page https://www.suse.com/security/cve/CVE-2024-53173/ SUSE CVE CVE-2024-53173 page https://www.suse.com/security/cve/CVE-2024-53239/ SUSE CVE CVE-2024-53239 page https://www.suse.com/security/cve/CVE-2024-56539/ SUSE CVE CVE-2024-56539 page https://www.suse.com/security/cve/CVE-2024-56548/ SUSE CVE CVE-2024-56548 page https://www.suse.com/security/cve/CVE-2024-56605/ SUSE CVE CVE-2024-56605 page https://www.suse.com/security/cve/CVE-2025-21690/ SUSE CVE CVE-2025-21690 page https://www.suse.com/security/cve/CVE-2025-21692/ SUSE CVE CVE-2025-21692 page https://www.suse.com/security/cve/CVE-2025-21699/ SUSE CVE CVE-2025-21699 page Container suse/sle-micro-rancher/5.2:latest SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Live Patching 15 SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-default-5.3.18-150300.59.198.1 cluster-md-kmp-64kb-5.3.18-150300.59.198.1 cluster-md-kmp-default-5.3.18-150300.59.198.1 cluster-md-kmp-preempt-5.3.18-150300.59.198.1 dlm-kmp-64kb-5.3.18-150300.59.198.1 dlm-kmp-default-5.3.18-150300.59.198.1 dlm-kmp-preempt-5.3.18-150300.59.198.1 dtb-al-5.3.18-150300.59.198.1 dtb-allwinner-5.3.18-150300.59.198.1 dtb-altera-5.3.18-150300.59.198.1 dtb-amd-5.3.18-150300.59.198.1 dtb-amlogic-5.3.18-150300.59.198.1 dtb-apm-5.3.18-150300.59.198.1 dtb-arm-5.3.18-150300.59.198.1 dtb-broadcom-5.3.18-150300.59.198.1 dtb-cavium-5.3.18-150300.59.198.1 dtb-exynos-5.3.18-150300.59.198.1 dtb-freescale-5.3.18-150300.59.198.1 dtb-hisilicon-5.3.18-150300.59.198.1 dtb-lg-5.3.18-150300.59.198.1 dtb-marvell-5.3.18-150300.59.198.1 dtb-mediatek-5.3.18-150300.59.198.1 dtb-nvidia-5.3.18-150300.59.198.1 dtb-qcom-5.3.18-150300.59.198.1 dtb-renesas-5.3.18-150300.59.198.1 dtb-rockchip-5.3.18-150300.59.198.1 dtb-socionext-5.3.18-150300.59.198.1 dtb-sprd-5.3.18-150300.59.198.1 dtb-xilinx-5.3.18-150300.59.198.1 dtb-zte-5.3.18-150300.59.198.1 gfs2-kmp-64kb-5.3.18-150300.59.198.1 gfs2-kmp-default-5.3.18-150300.59.198.1 gfs2-kmp-preempt-5.3.18-150300.59.198.1 kernel-64kb-5.3.18-150300.59.198.1 kernel-64kb-devel-5.3.18-150300.59.198.1 kernel-64kb-extra-5.3.18-150300.59.198.1 kernel-64kb-optional-5.3.18-150300.59.198.1 kernel-debug-5.3.18-150300.59.198.1 kernel-debug-devel-5.3.18-150300.59.198.1 kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 kernel-default-base-rebuild-5.3.18-150300.59.198.1.150300.18.118.1 kernel-default-devel-5.3.18-150300.59.198.1 kernel-default-extra-5.3.18-150300.59.198.1 kernel-default-livepatch-5.3.18-150300.59.198.1 kernel-default-livepatch-devel-5.3.18-150300.59.198.1 kernel-default-optional-5.3.18-150300.59.198.1 kernel-devel-5.3.18-150300.59.198.1 kernel-docs-5.3.18-150300.59.198.1 kernel-docs-html-5.3.18-150300.59.198.1 kernel-kvmsmall-5.3.18-150300.59.198.1 kernel-kvmsmall-devel-5.3.18-150300.59.198.1 kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 kernel-livepatch-5_3_18-150300_59_198-preempt-1-150300.7.3.1 kernel-macros-5.3.18-150300.59.198.1 kernel-obs-build-5.3.18-150300.59.198.1 kernel-obs-qa-5.3.18-150300.59.198.1 kernel-preempt-5.3.18-150300.59.198.1 kernel-preempt-devel-5.3.18-150300.59.198.1 kernel-preempt-extra-5.3.18-150300.59.198.1 kernel-preempt-optional-5.3.18-150300.59.198.1 kernel-source-5.3.18-150300.59.198.1 kernel-source-vanilla-5.3.18-150300.59.198.1 kernel-syms-5.3.18-150300.59.198.1 kernel-zfcpdump-5.3.18-150300.59.198.1 kselftests-kmp-64kb-5.3.18-150300.59.198.1 kselftests-kmp-default-5.3.18-150300.59.198.1 kselftests-kmp-preempt-5.3.18-150300.59.198.1 ocfs2-kmp-64kb-5.3.18-150300.59.198.1 ocfs2-kmp-default-5.3.18-150300.59.198.1 ocfs2-kmp-preempt-5.3.18-150300.59.198.1 reiserfs-kmp-64kb-5.3.18-150300.59.198.1 reiserfs-kmp-default-5.3.18-150300.59.198.1 reiserfs-kmp-preempt-5.3.18-150300.59.198.1 kernel-default-5.3.18-150300.59.198.1 as a component of Container suse/sle-micro-rancher/5.2:latest kernel-64kb-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-64kb-devel-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-default-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 as a component of SUSE Enterprise Storage 7.1 kernel-default-devel-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-devel-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-docs-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-macros-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-obs-build-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-preempt-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-preempt-devel-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-source-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 kernel-syms-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 reiserfs-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Enterprise Storage 7.1 cluster-md-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 dlm-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 gfs2-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 ocfs2-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 kernel-64kb-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-64kb-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-default-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-docs-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-macros-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-obs-build-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-preempt-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-preempt-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-source-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-syms-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS reiserfs-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS kernel-default-livepatch-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Live Patching 15 SP3 kernel-default-livepatch-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Live Patching 15 SP3 kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 as a component of SUSE Linux Enterprise Live Patching 15 SP3 kernel-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Micro 5.1 kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 as a component of SUSE Linux Enterprise Micro 5.1 kernel-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Micro 5.2 kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 as a component of SUSE Linux Enterprise Micro 5.2 kernel-64kb-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-64kb-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-default-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-docs-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-macros-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-obs-build-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-preempt-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-preempt-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-source-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-syms-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-zfcpdump-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS reiserfs-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS kernel-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-default-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-docs-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-macros-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-obs-build-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-preempt-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-preempt-devel-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-source-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 kernel-syms-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 reiserfs-kmp-default-5.3.18-150300.59.198.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in ath5k_eeprom_convert_pcal_info_5111. When none of the curve is selected in the loop, idx can go up to AR5K_EEPROM_N_PD_CURVES. The line makes pd out of bound. pd = &chinfo[pier].pd_curves[idx]; There are many OOB writes using pd later in the code. So I added a sanity check for idx. Checks for other loops involving AR5K_EEPROM_N_PD_CURVES are not needed as the loop index is not used outside the loops. The patch is NOT tested with real device. The following is the fuzzing report BUG: KASAN: slab-out-of-bounds in ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k] Write of size 1 at addr ffff8880174a4d60 by task modprobe/214 CPU: 0 PID: 214 Comm: modprobe Not tainted 5.6.0 #1 Call Trace: dump_stack+0x76/0xa0 print_address_description.constprop.0+0x16/0x200 ? ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k] ? ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k] __kasan_report.cold+0x37/0x7c ? ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k] kasan_report+0xe/0x20 ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k] ? apic_timer_interrupt+0xa/0x20 ? ath5k_eeprom_init_11a_pcal_freq+0xbc0/0xbc0 [ath5k] ? ath5k_pci_eeprom_read+0x228/0x3c0 [ath5k] ath5k_eeprom_init+0x2513/0x6290 [ath5k] ? ath5k_eeprom_init_11a_pcal_freq+0xbc0/0xbc0 [ath5k] ? usleep_range+0xb8/0x100 ? apic_timer_interrupt+0xa/0x20 ? ath5k_eeprom_read_pcal_info_2413+0x2f20/0x2f20 [ath5k] ath5k_hw_init+0xb60/0x1970 [ath5k] ath5k_init_ah+0x6fe/0x2530 [ath5k] ? kasprintf+0xa6/0xe0 ? ath5k_stop+0x140/0x140 [ath5k] ? _dev_notice+0xf6/0xf6 ? apic_timer_interrupt+0xa/0x20 ath5k_pci_probe.cold+0x29a/0x3d6 [ath5k] ? ath5k_pci_eeprom_read+0x3c0/0x3c0 [ath5k] ? mutex_lock+0x89/0xd0 ? ath5k_pci_eeprom_read+0x3c0/0x3c0 [ath5k] local_pci_probe+0xd3/0x160 pci_device_probe+0x23f/0x3e0 ? pci_device_remove+0x280/0x280 ? pci_device_remove+0x280/0x280 really_probe+0x209/0x5d0 CVE-2021-47633 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2021-47633.html CVE-2021-47633 https://bugzilla.suse.com/1237768 SUSE Bug 1237768 https://bugzilla.suse.com/1237769 SUSE Bug 1237769 In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized yet, so mpol_put could not do the right things and might leak the unused mpol_new. This would happen if mempolicy was updated on the shared shmem file while the sp->lock has been dropped during the memory allocation. This issue could be triggered easily with the below code snippet if there are many processes doing the below work at the same time: shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666|IPC_CREAT); shm = shmat(shmid, 0, 0); loop many times { mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0); mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask, maxnode, 0); } CVE-2022-49080 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2022-49080.html CVE-2022-49080 https://bugzilla.suse.com/1238033 SUSE Bug 1238033 https://bugzilla.suse.com/1238324 SUSE Bug 1238324 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8. CVE-2023-4244 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2023-4244.html CVE-2023-4244 https://bugzilla.suse.com/1215420 SUSE Bug 1215420 https://bugzilla.suse.com/1215424 SUSE Bug 1215424 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't skip expired elements during walk There is an asymmetry between commit/abort and preparation phase if the following conditions are met: 1. set is a verdict map ("1.2.3.4 : jump foo") 2. timeouts are enabled In this case, following sequence is problematic: 1. element E in set S refers to chain C 2. userspace requests removal of set S 3. kernel does a set walk to decrement chain->use count for all elements from preparation phase 4. kernel does another set walk to remove elements from the commit phase (or another walk to do a chain->use increment for all elements from abort phase) If E has already expired in 1), it will be ignored during list walk, so its use count won't have been changed. Then, when set is culled, ->destroy callback will zap the element via nf_tables_set_elem_destroy(), but this function is only safe for elements that have been deactivated earlier from the preparation phase: lack of earlier deactivate removes the element but leaks the chain use count, which results in a WARN splat when the chain gets removed later, plus a leak of the nft_chain structure. Update pipapo_get() not to skip expired elements, otherwise flush command reports bogus ENOENT errors. CVE-2023-52924 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2023-52924.html CVE-2023-52924 https://bugzilla.suse.com/1236821 SUSE Bug 1236821 In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if we had WRITTEN set on the header flags. This leaves a gap in our checking, because we could end up with corruption on disk where WRITTEN isn't set on the leaf, and then the extended leaf checks don't get run which we rely on to validate all of the item pointers to make sure we don't access memory outside of the extent buffer. However, since 732fab95abe2 ("btrfs: check-integrity: remove CONFIG_BTRFS_FS_CHECK_INTEGRITY option") we no longer call btrfs_check_leaf() from btrfs_mark_buffer_dirty(), which means we only ever call it on blocks that are being written out, and thus have WRITTEN set, or that are being read in, which should have WRITTEN set. Add checks to make sure we have WRITTEN set appropriately, and then make sure __btrfs_check_leaf() always does the item checking. This will protect us from file systems that have been corrupted and no longer have WRITTEN set on some of the blocks. This was hit on a crafted image tweaking the WRITTEN bit and reported by KASAN as out-of-bound access in the eb accessors. The example is a dir item at the end of an eb. [2.042] BTRFS warning (device loop1): bad eb member start: ptr 0x3fff start 30572544 member offset 16410 size 2 [2.040] general protection fault, probably for non-canonical address 0xe0009d1000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI [2.537] KASAN: maybe wild-memory-access in range [0x0005088000000018-0x000508800000001f] [2.729] CPU: 0 PID: 2587 Comm: mount Not tainted 6.8.2 #1 [2.729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [2.621] RIP: 0010:btrfs_get_16+0x34b/0x6d0 [2.621] RSP: 0018:ffff88810871fab8 EFLAGS: 00000206 [2.621] RAX: 0000a11000000003 RBX: ffff888104ff8720 RCX: ffff88811b2288c0 [2.621] RDX: dffffc0000000000 RSI: ffffffff81dd8aca RDI: ffff88810871f748 [2.621] RBP: 000000000000401a R08: 0000000000000001 R09: ffffed10210e3ee9 [2.621] R10: ffff88810871f74f R11: 205d323430333737 R12: 000000000000001a [2.621] R13: 000508800000001a R14: 1ffff110210e3f5d R15: ffffffff850011e8 [2.621] FS: 00007f56ea275840(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000 [2.621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [2.621] CR2: 00007febd13b75c0 CR3: 000000010bb50000 CR4: 00000000000006f0 [2.621] Call Trace: [2.621] <TASK> [2.621] ? show_regs+0x74/0x80 [2.621] ? die_addr+0x46/0xc0 [2.621] ? exc_general_protection+0x161/0x2a0 [2.621] ? asm_exc_general_protection+0x26/0x30 [2.621] ? btrfs_get_16+0x33a/0x6d0 [2.621] ? btrfs_get_16+0x34b/0x6d0 [2.621] ? btrfs_get_16+0x33a/0x6d0 [2.621] ? __pfx_btrfs_get_16+0x10/0x10 [2.621] ? __pfx_mutex_unlock+0x10/0x10 [2.621] btrfs_match_dir_item_name+0x101/0x1a0 [2.621] btrfs_lookup_dir_item+0x1f3/0x280 [2.621] ? __pfx_btrfs_lookup_dir_item+0x10/0x10 [2.621] btrfs_get_tree+0xd25/0x1910 [ copy more details from report ] CVE-2024-35949 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2024-35949.html CVE-2024-35949 https://bugzilla.suse.com/1224700 SUSE Bug 1224700 https://bugzilla.suse.com/1229273 SUSE Bug 1229273 In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of nCR3. In the absolute worst case scenario, failure to ignore bits 4:0 can result in an out-of-bounds read, e.g. if the target page is at the end of a memslot, and the VMM isn't using guard pages. Per the APM: The CR3 register points to the base address of the page-directory-pointer table. The page-directory-pointer table is aligned on a 32-byte boundary, with the low 5 address bits 4:0 assumed to be 0. And the SDM's much more explicit: 4:0 Ignored Note, KVM gets this right when loading PDPTRs, it's only the nSVM flow that is broken. CVE-2024-50115 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2024-50115.html CVE-2024-50115 https://bugzilla.suse.com/1225742 SUSE Bug 1225742 https://bugzilla.suse.com/1232919 SUSE Bug 1232919 https://bugzilla.suse.com/1233019 SUSE Bug 1233019 In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs_release_seqid() in nfs4_opendata_free() can result in a use-after-free of the pointer to the defunct rpc task of the other thread. The fix is to ensure that if the RPC call is aborted before the call to nfs_wait_on_sequence() is complete, then we must call nfs_release_seqid() in nfs4_open_release() before the rpc_task is freed. CVE-2024-53173 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2024-53173.html CVE-2024-53173 https://bugzilla.suse.com/1234853 SUSE Bug 1234853 https://bugzilla.suse.com/1234891 SUSE Bug 1234891 https://bugzilla.suse.com/1234892 SUSE Bug 1234892 In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as we're calling snd_card_free_when_closed()). For avoid potential UAFs, move the release of resources to the card's private_free instead of the manual call of usb6fire_chip_destroy() at the USB disconnect callback. CVE-2024-53239 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2024-53239.html CVE-2024-53239 https://bugzilla.suse.com/1234853 SUSE Bug 1234853 https://bugzilla.suse.com/1235054 SUSE Bug 1235054 https://bugzilla.suse.com/1235055 SUSE Bug 1235055 In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following warning on a MT8173 Chromebook (mt8173-elm-hana): [ 356.775250] ------------[ cut here ]------------ [ 356.784543] memcpy: detected field-spanning write (size 6) of single field "wildcard_ssid_tlv->ssid" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1) [ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex] The "(size 6)" above is exactly the length of the SSID of the network this device was connected to. The source of the warning looks like: ssid_len = user_scan_in->ssid_list[i].ssid_len; [...] memcpy(wildcard_ssid_tlv->ssid, user_scan_in->ssid_list[i].ssid, ssid_len); There is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this struct, but it already didn't account for the size of the one-element array, so it doesn't need to be changed. CVE-2024-56539 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2024-56539.html CVE-2024-56539 https://bugzilla.suse.com/1234853 SUSE Bug 1234853 https://bugzilla.suse.com/1234963 SUSE Bug 1234963 https://bugzilla.suse.com/1234964 SUSE Bug 1234964 In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like IO being rejected, in the case of hfsplus, it will allocate a block by using that size and potentially write out-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the latter function reads a different io_size. Using a new min_io_size initally set to sb_min_blocksize works for the purposes of the original fix, since it will be set to the max between HFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the max between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not initialized. Tested by mounting an hfsplus filesystem with loop block sizes 512, 1024 and 4096. The produced KASAN report before the fix looks like this: [ 419.944641] ================================================================== [ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a [ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678 [ 419.947612] [ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84 [ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 [ 419.950035] Call Trace: [ 419.950384] <TASK> [ 419.950676] dump_stack_lvl+0x57/0x78 [ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a [ 419.951830] print_report+0x14c/0x49e [ 419.952361] ? __virt_addr_valid+0x267/0x278 [ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d [ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a [ 419.954231] kasan_report+0x89/0xb0 [ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a [ 419.955367] hfsplus_read_wrapper+0x659/0xa0a [ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10 [ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9 [ 419.957214] ? _raw_spin_unlock+0x1a/0x2e [ 419.957772] hfsplus_fill_super+0x348/0x1590 [ 419.958355] ? hlock_class+0x4c/0x109 [ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 419.959499] ? __pfx_string+0x10/0x10 [ 419.960006] ? lock_acquire+0x3e2/0x454 [ 419.960532] ? bdev_name.constprop.0+0xce/0x243 [ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10 [ 419.961799] ? pointer+0x3f0/0x62f [ 419.962277] ? __pfx_pointer+0x10/0x10 [ 419.962761] ? vsnprintf+0x6c4/0xfba [ 419.963178] ? __pfx_vsnprintf+0x10/0x10 [ 419.963621] ? setup_bdev_super+0x376/0x3b3 [ 419.964029] ? snprintf+0x9d/0xd2 [ 419.964344] ? __pfx_snprintf+0x10/0x10 [ 419.964675] ? lock_acquired+0x45c/0x5e9 [ 419.965016] ? set_blocksize+0x139/0x1c1 [ 419.965381] ? sb_set_blocksize+0x6d/0xae [ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 419.966179] mount_bdev+0x12f/0x1bf [ 419.966512] ? __pfx_mount_bdev+0x10/0x10 [ 419.966886] ? vfs_parse_fs_string+0xce/0x111 [ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10 [ 419.968073] legacy_get_tree+0x104/0x178 [ 419.968414] vfs_get_tree+0x86/0x296 [ 419.968751] path_mount+0xba3/0xd0b [ 419.969157] ? __pfx_path_mount+0x10/0x10 [ 419.969594] ? kmem_cache_free+0x1e2/0x260 [ 419.970311] do_mount+0x99/0xe0 [ 419.970630] ? __pfx_do_mount+0x10/0x10 [ 419.971008] __do_sys_mount+0x199/0x1c9 [ 419.971397] do_syscall_64+0xd0/0x135 [ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 419.972233] RIP: 0033:0x7c3cb812972e [ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48 [ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e [ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI: ---truncated--- CVE-2024-56548 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2024-56548.html CVE-2024-56548 https://bugzilla.suse.com/1234853 SUSE Bug 1234853 https://bugzilla.suse.com/1235073 SUSE Bug 1235073 https://bugzilla.suse.com/1235074 SUSE Bug 1235074 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk object, but the dangling pointer is still attached to the sock object, which may create use-after-free in other code. CVE-2024-56605 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2024-56605.html CVE-2024-56605 https://bugzilla.suse.com/1234853 SUSE Bug 1234853 https://bugzilla.suse.com/1235061 SUSE Bug 1235061 https://bugzilla.suse.com/1235062 SUSE Bug 1235062 In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preventing troubleshooting from the VM side. Ratelimit the warning so it doesn't DoS the VM. CVE-2025-21690 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2025-21690.html CVE-2025-21690 https://bugzilla.suse.com/1237025 SUSE Bug 1237025 In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause local privilege escalation. [ 18.852298] ------------[ cut here ]------------ [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20 [ 18.853743] index 18446744073709551615 is out of range for type 'ets_class [16]' [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17 [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 18.856532] Call Trace: [ 18.857441] <TASK> [ 18.858227] dump_stack_lvl+0xc2/0xf0 [ 18.859607] dump_stack+0x10/0x20 [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0 [ 18.864022] ets_class_change+0x3d6/0x3f0 [ 18.864322] tc_ctl_tclass+0x251/0x910 [ 18.864587] ? lock_acquire+0x5e/0x140 [ 18.865113] ? __mutex_lock+0x9c/0xe70 [ 18.866009] ? __mutex_lock+0xa34/0xe70 [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0 [ 18.866806] ? __lock_acquire+0x578/0xc10 [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 18.867503] netlink_rcv_skb+0x59/0x110 [ 18.867776] rtnetlink_rcv+0x15/0x30 [ 18.868159] netlink_unicast+0x1c3/0x2b0 [ 18.868440] netlink_sendmsg+0x239/0x4b0 [ 18.868721] ____sys_sendmsg+0x3e2/0x410 [ 18.869012] ___sys_sendmsg+0x88/0xe0 [ 18.869276] ? rseq_ip_fixup+0x198/0x260 [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190 [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0 [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220 [ 18.870547] ? do_syscall_64+0x93/0x150 [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290 [ 18.871157] __sys_sendmsg+0x69/0xd0 [ 18.871416] __x64_sys_sendmsg+0x1d/0x30 [ 18.871699] x64_sys_call+0x9e2/0x2670 [ 18.871979] do_syscall_64+0x87/0x150 [ 18.873280] ? do_syscall_64+0x93/0x150 [ 18.874742] ? lock_release+0x7b/0x160 [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0 [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210 [ 18.879608] ? irqentry_exit+0x77/0xb0 [ 18.879808] ? clear_bhb_loop+0x15/0x70 [ 18.880023] ? clear_bhb_loop+0x15/0x70 [ 18.880223] ? clear_bhb_loop+0x15/0x70 [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 18.880683] RIP: 0033:0x44a957 [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10 [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957 [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003 [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0 [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001 [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001 [ 18.888395] </TASK> [ 18.888610] ---[ end trace ]--- CVE-2025-21692 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2025-21692.html CVE-2025-21692 https://bugzilla.suse.com/1237028 SUSE Bug 1237028 https://bugzilla.suse.com/1237048 SUSE Bug 1237048 In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buffer heads or iomap_folio_state structs, and we cannot mix the two. CVE-2025-21699 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.198.1 SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.198.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.198.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250855-1/ https://www.suse.com/security/cve/CVE-2025-21699.html CVE-2025-21699 https://bugzilla.suse.com/1237139 SUSE Bug 1237139