Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-22984 (GCVE-0-2026-22984)
Vulnerability from cvelistv5 – Published: 2026-01-23 15:24 – Updated: 2026-02-09 08:36
VLAI?
EPSS
Title
libceph: prevent potential out-of-bounds reads in handle_auth_done()
Summary
In the Linux kernel, the following vulnerability has been resolved:
libceph: prevent potential out-of-bounds reads in handle_auth_done()
Perform an explicit bounds check on payload_len to avoid a possible
out-of-bounds access in the callout.
[ idryomov: changelog ]
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Linux | Linux |
Affected:
cd1a677cad994021b19665ed476aea63f5d54f31 , < 194cfe2af4d2a1de599d39dad636b47c2f6c2c96
(git)
Affected: cd1a677cad994021b19665ed476aea63f5d54f31 , < 79fe3511db416d2f2edcfd93569807cb02736e5e (git) Affected: cd1a677cad994021b19665ed476aea63f5d54f31 , < ef208ea331ef688729f64089b895ed1b49e842e3 (git) Affected: cd1a677cad994021b19665ed476aea63f5d54f31 , < 2802ef3380fa8c4a08cda51ec1f085b1a712e9e2 (git) Affected: cd1a677cad994021b19665ed476aea63f5d54f31 , < 2d653bb63d598ae4b096dd678744bdcc34ee89e8 (git) Affected: cd1a677cad994021b19665ed476aea63f5d54f31 , < 818156caffbf55cb4d368f9c3cac64e458fb49c9 (git) |
|||||||
|
|||||||||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ceph/messenger_v2.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "194cfe2af4d2a1de599d39dad636b47c2f6c2c96",
"status": "affected",
"version": "cd1a677cad994021b19665ed476aea63f5d54f31",
"versionType": "git"
},
{
"lessThan": "79fe3511db416d2f2edcfd93569807cb02736e5e",
"status": "affected",
"version": "cd1a677cad994021b19665ed476aea63f5d54f31",
"versionType": "git"
},
{
"lessThan": "ef208ea331ef688729f64089b895ed1b49e842e3",
"status": "affected",
"version": "cd1a677cad994021b19665ed476aea63f5d54f31",
"versionType": "git"
},
{
"lessThan": "2802ef3380fa8c4a08cda51ec1f085b1a712e9e2",
"status": "affected",
"version": "cd1a677cad994021b19665ed476aea63f5d54f31",
"versionType": "git"
},
{
"lessThan": "2d653bb63d598ae4b096dd678744bdcc34ee89e8",
"status": "affected",
"version": "cd1a677cad994021b19665ed476aea63f5d54f31",
"versionType": "git"
},
{
"lessThan": "818156caffbf55cb4d368f9c3cac64e458fb49c9",
"status": "affected",
"version": "cd1a677cad994021b19665ed476aea63f5d54f31",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ceph/messenger_v2.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11"
},
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.198",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.121",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.66",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.19",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.198",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.161",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.121",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.66",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.6",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19",
"versionStartIncluding": "5.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in handle_auth_done()\n\nPerform an explicit bounds check on payload_len to avoid a possible\nout-of-bounds access in the callout.\n\n[ idryomov: changelog ]"
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T08:36:34.605Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/194cfe2af4d2a1de599d39dad636b47c2f6c2c96"
},
{
"url": "https://git.kernel.org/stable/c/79fe3511db416d2f2edcfd93569807cb02736e5e"
},
{
"url": "https://git.kernel.org/stable/c/ef208ea331ef688729f64089b895ed1b49e842e3"
},
{
"url": "https://git.kernel.org/stable/c/2802ef3380fa8c4a08cda51ec1f085b1a712e9e2"
},
{
"url": "https://git.kernel.org/stable/c/2d653bb63d598ae4b096dd678744bdcc34ee89e8"
},
{
"url": "https://git.kernel.org/stable/c/818156caffbf55cb4d368f9c3cac64e458fb49c9"
}
],
"title": "libceph: prevent potential out-of-bounds reads in handle_auth_done()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-22984",
"datePublished": "2026-01-23T15:24:06.245Z",
"dateReserved": "2026-01-13T15:37:45.936Z",
"dateUpdated": "2026-02-09T08:36:34.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-22984\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-01-23T16:15:54.440\",\"lastModified\":\"2026-02-26T18:48:45.403\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nlibceph: prevent potential out-of-bounds reads in handle_auth_done()\\n\\nPerform an explicit bounds check on payload_len to avoid a possible\\nout-of-bounds access in the callout.\\n\\n[ idryomov: changelog ]\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.198\",\"matchCriteriaId\":\"82159CAA-B6BA-43C6-85D8-65BDBC175A7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.161\",\"matchCriteriaId\":\"E135B7E2-61FC-4DC1-8570-ABD67894FFDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.121\",\"matchCriteriaId\":\"BB7A164B-7422-4A1C-82FB-5FCAEE53C06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.66\",\"matchCriteriaId\":\"F72B884C-B44F-40E4-9895-CE421AC663D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.6\",\"matchCriteriaId\":\"879529BC-5B4C-4EBE-BF1D-1A31404A8B2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"17B67AA7-40D6-4AFA-8459-F200F3D7CFD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47E4CC9-C826-4FA9-B014-7FE3D9B318B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71D92C0-C023-48BD-B3B6-70B638EEE298\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"13580667-0A98-40CC-B29F-D12790B91BDB\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/194cfe2af4d2a1de599d39dad636b47c2f6c2c96\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2802ef3380fa8c4a08cda51ec1f085b1a712e9e2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2d653bb63d598ae4b096dd678744bdcc34ee89e8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/79fe3511db416d2f2edcfd93569807cb02736e5e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/818156caffbf55cb4d368f9c3cac64e458fb49c9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ef208ea331ef688729f64089b895ed1b49e842e3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
CERTFR-2026-AVI-0167
Vulnerability from certfr_avis - Published: 2026-02-13 - Updated: 2026-02-13
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian LTS. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 5.10.249-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 6.1.162-1~deb11u1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-36903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
},
{
"name": "CVE-2025-71075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71075"
},
{
"name": "CVE-2025-71086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71086"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2026-23098",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23098"
},
{
"name": "CVE-2025-71094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71094"
},
{
"name": "CVE-2025-68788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68788"
},
{
"name": "CVE-2025-68778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68778"
},
{
"name": "CVE-2026-23054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23054"
},
{
"name": "CVE-2025-71064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71064"
},
{
"name": "CVE-2025-68725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68725"
},
{
"name": "CVE-2025-68795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68795"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-68380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68380"
},
{
"name": "CVE-2025-39702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39702"
},
{
"name": "CVE-2026-23069",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23069"
},
{
"name": "CVE-2023-53421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53421"
},
{
"name": "CVE-2026-22992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22992"
},
{
"name": "CVE-2022-49465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49465"
},
{
"name": "CVE-2025-71071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71071"
},
{
"name": "CVE-2025-71191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71191"
},
{
"name": "CVE-2025-68728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68728"
},
{
"name": "CVE-2025-68364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68364"
},
{
"name": "CVE-2025-71087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71087"
},
{
"name": "CVE-2025-40039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40039"
},
{
"name": "CVE-2025-68746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68746"
},
{
"name": "CVE-2025-68773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68773"
},
{
"name": "CVE-2025-71133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71133"
},
{
"name": "CVE-2026-23020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23020"
},
{
"name": "CVE-2025-68796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68796"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2025-68804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68804"
},
{
"name": "CVE-2025-68769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68769"
},
{
"name": "CVE-2025-71189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71189"
},
{
"name": "CVE-2025-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38408"
},
{
"name": "CVE-2025-71088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71088"
},
{
"name": "CVE-2026-23090",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23090"
},
{
"name": "CVE-2022-49711",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49711"
},
{
"name": "CVE-2026-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23064"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-68806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68806"
},
{
"name": "CVE-2025-71098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71098"
},
{
"name": "CVE-2025-71078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71078"
},
{
"name": "CVE-2025-71083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71083"
},
{
"name": "CVE-2026-23061",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23061"
},
{
"name": "CVE-2025-68813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68813"
},
{
"name": "CVE-2026-23047",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23047"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-68365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68365"
},
{
"name": "CVE-2025-71085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71085"
},
{
"name": "CVE-2025-68344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68344"
},
{
"name": "CVE-2025-71154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71154"
},
{
"name": "CVE-2025-68257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68257"
},
{
"name": "CVE-2025-71084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71084"
},
{
"name": "CVE-2026-23049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23049"
},
{
"name": "CVE-2022-49743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49743"
},
{
"name": "CVE-2025-68347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68347"
},
{
"name": "CVE-2025-68814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68814"
},
{
"name": "CVE-2025-68780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68780"
},
{
"name": "CVE-2025-71081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71081"
},
{
"name": "CVE-2026-23101",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23101"
},
{
"name": "CVE-2026-23099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23099"
},
{
"name": "CVE-2025-71121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71121"
},
{
"name": "CVE-2025-38022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
},
{
"name": "CVE-2026-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23085"
},
{
"name": "CVE-2025-71136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71136"
},
{
"name": "CVE-2025-68354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68354"
},
{
"name": "CVE-2025-68801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68801"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-68258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68258"
},
{
"name": "CVE-2025-39871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39871"
},
{
"name": "CVE-2025-37926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37926"
},
{
"name": "CVE-2025-68291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68291"
},
{
"name": "CVE-2026-22991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22991"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-68255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68255"
},
{
"name": "CVE-2026-22980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22980"
},
{
"name": "CVE-2025-71093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71093"
},
{
"name": "CVE-2025-71102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71102"
},
{
"name": "CVE-2025-68759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68759"
},
{
"name": "CVE-2026-23019",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23019"
},
{
"name": "CVE-2025-68733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68733"
},
{
"name": "CVE-2026-23005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23005"
},
{
"name": "CVE-2025-68335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68335"
},
{
"name": "CVE-2025-71079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71079"
},
{
"name": "CVE-2026-23030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23030"
},
{
"name": "CVE-2026-22997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22997"
},
{
"name": "CVE-2025-71196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71196"
},
{
"name": "CVE-2025-68772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68772"
},
{
"name": "CVE-2026-23078",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23078"
},
{
"name": "CVE-2025-68785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68785"
},
{
"name": "CVE-2025-71130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71130"
},
{
"name": "CVE-2025-68808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68808"
},
{
"name": "CVE-2025-68223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68223"
},
{
"name": "CVE-2025-68783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68783"
},
{
"name": "CVE-2025-71147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71147"
},
{
"name": "CVE-2025-68724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68724"
},
{
"name": "CVE-2026-23103",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23103"
},
{
"name": "CVE-2026-23074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23074"
},
{
"name": "CVE-2025-71126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71126"
},
{
"name": "CVE-2025-68786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68786"
},
{
"name": "CVE-2025-71199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71199"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2025-68797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68797"
},
{
"name": "CVE-2024-49968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49968"
},
{
"name": "CVE-2025-68259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68259"
},
{
"name": "CVE-2025-71125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71125"
},
{
"name": "CVE-2026-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23006"
},
{
"name": "CVE-2025-71108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71108"
},
{
"name": "CVE-2025-71069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71069"
},
{
"name": "CVE-2026-22994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22994"
},
{
"name": "CVE-2026-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23083"
},
{
"name": "CVE-2025-68774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68774"
},
{
"name": "CVE-2026-23108",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23108"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-71180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71180"
},
{
"name": "CVE-2025-38232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38232"
},
{
"name": "CVE-2025-71194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71194"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2025-71082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71082"
},
{
"name": "CVE-2026-23068",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23068"
},
{
"name": "CVE-2025-68765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68765"
},
{
"name": "CVE-2026-23089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23089"
},
{
"name": "CVE-2025-71132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71132"
},
{
"name": "CVE-2026-23071",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23071"
},
{
"name": "CVE-2026-23056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23056"
},
{
"name": "CVE-2025-71077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71077"
},
{
"name": "CVE-2024-36927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36927"
},
{
"name": "CVE-2023-54321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54321"
},
{
"name": "CVE-2025-22111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22111"
},
{
"name": "CVE-2026-23063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23063"
},
{
"name": "CVE-2026-23073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23073"
},
{
"name": "CVE-2025-71114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71114"
},
{
"name": "CVE-2026-23058",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23058"
},
{
"name": "CVE-2025-71182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71182"
},
{
"name": "CVE-2026-23038",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23038"
},
{
"name": "CVE-2026-22990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22990"
},
{
"name": "CVE-2025-71186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71186"
},
{
"name": "CVE-2025-68821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68821"
},
{
"name": "CVE-2026-23026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23026"
},
{
"name": "CVE-2025-68325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68325"
},
{
"name": "CVE-2025-71190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71190"
},
{
"name": "CVE-2026-23107",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23107"
},
{
"name": "CVE-2025-68332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68332"
},
{
"name": "CVE-2025-71104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71104"
},
{
"name": "CVE-2026-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22978"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2026-23037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23037"
},
{
"name": "CVE-2026-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23001"
},
{
"name": "CVE-2025-68367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68367"
},
{
"name": "CVE-2025-68820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68820"
},
{
"name": "CVE-2023-54207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54207"
},
{
"name": "CVE-2025-68740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68740"
},
{
"name": "CVE-2025-68742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68742"
},
{
"name": "CVE-2026-23025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23025"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2025-68816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68816"
},
{
"name": "CVE-2025-68256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68256"
},
{
"name": "CVE-2025-68777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68777"
},
{
"name": "CVE-2025-68254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68254"
},
{
"name": "CVE-2025-38556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
},
{
"name": "CVE-2026-22982",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22982"
},
{
"name": "CVE-2025-71118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71118"
},
{
"name": "CVE-2025-71150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71150"
},
{
"name": "CVE-2025-39721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
},
{
"name": "CVE-2026-23091",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23091"
},
{
"name": "CVE-2025-38718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
},
{
"name": "CVE-2025-71192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71192"
},
{
"name": "CVE-2025-68776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68776"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2025-68799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68799"
},
{
"name": "CVE-2025-68345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68345"
},
{
"name": "CVE-2025-71097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71097"
},
{
"name": "CVE-2025-71111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71111"
},
{
"name": "CVE-2026-23087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23087"
},
{
"name": "CVE-2025-71185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71185"
},
{
"name": "CVE-2026-23096",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23096"
},
{
"name": "CVE-2025-68337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68337"
},
{
"name": "CVE-2025-71131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71131"
},
{
"name": "CVE-2025-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40149"
},
{
"name": "CVE-2025-40164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40164"
},
{
"name": "CVE-2025-71116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71116"
},
{
"name": "CVE-2023-52658",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52658"
},
{
"name": "CVE-2025-68362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68362"
},
{
"name": "CVE-2025-71162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71162"
},
{
"name": "CVE-2026-23075",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23075"
},
{
"name": "CVE-2025-68803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68803"
},
{
"name": "CVE-2026-23105",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23105"
},
{
"name": "CVE-2026-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22976"
},
{
"name": "CVE-2025-68753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68753"
},
{
"name": "CVE-2025-68781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68781"
},
{
"name": "CVE-2025-68369",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68369"
},
{
"name": "CVE-2025-71112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71112"
},
{
"name": "CVE-2023-54285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54285"
},
{
"name": "CVE-2026-23086",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23086"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2025-68818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68818"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2025-68366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68366"
},
{
"name": "CVE-2025-68815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68815"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2026-23095",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23095"
},
{
"name": "CVE-2025-68346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68346"
},
{
"name": "CVE-2025-71163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71163"
},
{
"name": "CVE-2025-71096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71096"
},
{
"name": "CVE-2025-71095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71095"
},
{
"name": "CVE-2025-71105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71105"
},
{
"name": "CVE-2025-68266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68266"
},
{
"name": "CVE-2025-68771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68771"
},
{
"name": "CVE-2025-68363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68363"
},
{
"name": "CVE-2026-22984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22984"
},
{
"name": "CVE-2025-68757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68757"
},
{
"name": "CVE-2026-23033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23033"
},
{
"name": "CVE-2026-22977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22977"
},
{
"name": "CVE-2026-23003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23003"
},
{
"name": "CVE-2025-68766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68766"
},
{
"name": "CVE-2026-23076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23076"
},
{
"name": "CVE-2025-71123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71123"
},
{
"name": "CVE-2025-68372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68372"
},
{
"name": "CVE-2026-23010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23010"
},
{
"name": "CVE-2025-71137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71137"
},
{
"name": "CVE-2026-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23084"
},
{
"name": "CVE-2026-22979",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22979"
},
{
"name": "CVE-2026-23011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23011"
},
{
"name": "CVE-2026-23110",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23110"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2026-23060",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23060"
},
{
"name": "CVE-2025-68282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68282"
},
{
"name": "CVE-2025-68817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68817"
},
{
"name": "CVE-2025-71119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71119"
},
{
"name": "CVE-2025-68787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68787"
},
{
"name": "CVE-2025-68782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68782"
},
{
"name": "CVE-2025-71197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71197"
},
{
"name": "CVE-2025-68758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68758"
},
{
"name": "CVE-2026-23031",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23031"
},
{
"name": "CVE-2025-71113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71113"
},
{
"name": "CVE-2025-71127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71127"
},
{
"name": "CVE-2026-23102",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23102"
},
{
"name": "CVE-2026-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22998"
},
{
"name": "CVE-2025-68340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68340"
},
{
"name": "CVE-2025-40110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40110"
},
{
"name": "CVE-2025-68798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68798"
},
{
"name": "CVE-2025-68336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68336"
},
{
"name": "CVE-2023-52975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52975"
},
{
"name": "CVE-2026-23097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23097"
},
{
"name": "CVE-2025-68819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68819"
},
{
"name": "CVE-2026-23021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23021"
},
{
"name": "CVE-2025-68732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68732"
},
{
"name": "CVE-2026-23093",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23093"
},
{
"name": "CVE-2025-71183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71183"
},
{
"name": "CVE-2025-68371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68371"
},
{
"name": "CVE-2025-68211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68211"
},
{
"name": "CVE-2025-71091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71091"
},
{
"name": "CVE-2025-68263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68263"
},
{
"name": "CVE-2025-68800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68800"
},
{
"name": "CVE-2025-68261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68261"
},
{
"name": "CVE-2022-48744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48744"
},
{
"name": "CVE-2025-71149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71149"
},
{
"name": "CVE-2025-68767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68767"
},
{
"name": "CVE-2025-68727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68727"
},
{
"name": "CVE-2026-23080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23080"
},
{
"name": "CVE-2025-38361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
},
{
"name": "CVE-2025-68264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68264"
},
{
"name": "CVE-2025-68764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68764"
}
],
"initial_release_date": "2026-02-13T00:00:00",
"last_revision_date": "2026-02-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0167",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian LTS. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian LTS",
"vendor_advisories": [
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4476-1",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00017.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4475-1",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00016.html"
}
]
}
CERTFR-2026-AVI-0225
Vulnerability from certfr_avis - Published: 2026-02-27 - Updated: 2026-02-27
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Micro Extras | SUSE Linux Micro Extras 6.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP7",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.0",
"product": {
"name": "SUSE Linux Micro Extras",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-50669",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50669"
},
{
"name": "CVE-2023-53761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53761"
},
{
"name": "CVE-2023-53814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53814"
},
{
"name": "CVE-2025-40166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40166"
},
{
"name": "CVE-2023-53407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53407"
},
{
"name": "CVE-2023-54076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54076"
},
{
"name": "CVE-2025-40273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40273"
},
{
"name": "CVE-2023-54208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54208"
},
{
"name": "CVE-2023-53714",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53714"
},
{
"name": "CVE-2025-68230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68230"
},
{
"name": "CVE-2023-54039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54039"
},
{
"name": "CVE-2025-40064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40064"
},
{
"name": "CVE-2023-53804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53804"
},
{
"name": "CVE-2023-54149",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54149"
},
{
"name": "CVE-2025-71086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71086"
},
{
"name": "CVE-2023-53797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53797"
},
{
"name": "CVE-2023-53863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53863"
},
{
"name": "CVE-2023-54131",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54131"
},
{
"name": "CVE-2023-54142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54142"
},
{
"name": "CVE-2025-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40156"
},
{
"name": "CVE-2022-50779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50779"
},
{
"name": "CVE-2023-54000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54000"
},
{
"name": "CVE-2023-54052",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54052"
},
{
"name": "CVE-2023-54111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54111"
},
{
"name": "CVE-2023-54186",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54186"
},
{
"name": "CVE-2025-68286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68286"
},
{
"name": "CVE-2023-53803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53803"
},
{
"name": "CVE-2022-50641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50641"
},
{
"name": "CVE-2025-71094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71094"
},
{
"name": "CVE-2023-53754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53754"
},
{
"name": "CVE-2025-68788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68788"
},
{
"name": "CVE-2023-54091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54091"
},
{
"name": "CVE-2025-40055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40055"
},
{
"name": "CVE-2023-54083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54083"
},
{
"name": "CVE-2023-54280",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54280"
},
{
"name": "CVE-2022-50834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50834"
},
{
"name": "CVE-2025-40314",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40314"
},
{
"name": "CVE-2025-40306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40306"
},
{
"name": "CVE-2022-50809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50809"
},
{
"name": "CVE-2023-54270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54270"
},
{
"name": "CVE-2023-53821",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53821"
},
{
"name": "CVE-2025-40048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40048"
},
{
"name": "CVE-2023-53799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53799"
},
{
"name": "CVE-2025-37751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37751"
},
{
"name": "CVE-2025-40254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40254"
},
{
"name": "CVE-2023-54021",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54021"
},
{
"name": "CVE-2025-71064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71064"
},
{
"name": "CVE-2023-54201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54201"
},
{
"name": "CVE-2025-40219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
},
{
"name": "CVE-2025-68200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68200"
},
{
"name": "CVE-2025-68725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68725"
},
{
"name": "CVE-2025-68176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68176"
},
{
"name": "CVE-2025-68204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68204"
},
{
"name": "CVE-2025-68795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68795"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2022-50630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50630"
},
{
"name": "CVE-2025-68380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68380"
},
{
"name": "CVE-2022-50672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50672"
},
{
"name": "CVE-2023-54309",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54309"
},
{
"name": "CVE-2022-50776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50776"
},
{
"name": "CVE-2025-68339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68339"
},
{
"name": "CVE-2025-40287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40287"
},
{
"name": "CVE-2023-53995",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53995"
},
{
"name": "CVE-2026-22992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22992"
},
{
"name": "CVE-2023-54255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54255"
},
{
"name": "CVE-2023-54018",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54018"
},
{
"name": "CVE-2023-54271",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54271"
},
{
"name": "CVE-2022-50702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50702"
},
{
"name": "CVE-2023-53786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53786"
},
{
"name": "CVE-2025-68728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68728"
},
{
"name": "CVE-2025-71087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71087"
},
{
"name": "CVE-2022-50761",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50761"
},
{
"name": "CVE-2022-50866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50866"
},
{
"name": "CVE-2023-54297",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54297"
},
{
"name": "CVE-2025-40019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
},
{
"name": "CVE-2023-54112",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54112"
},
{
"name": "CVE-2025-68287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68287"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2025-71135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71135"
},
{
"name": "CVE-2025-40081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40081"
},
{
"name": "CVE-2023-54313",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54313"
},
{
"name": "CVE-2023-53759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53759"
},
{
"name": "CVE-2025-68746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68746"
},
{
"name": "CVE-2023-53845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53845"
},
{
"name": "CVE-2025-68773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68773"
},
{
"name": "CVE-2025-71133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71133"
},
{
"name": "CVE-2023-53994",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53994"
},
{
"name": "CVE-2025-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40153"
},
{
"name": "CVE-2022-50622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50622"
},
{
"name": "CVE-2025-40121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40121"
},
{
"name": "CVE-2025-40312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40312"
},
{
"name": "CVE-2025-40204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40204"
},
{
"name": "CVE-2023-54095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54095"
},
{
"name": "CVE-2025-40171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40171"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2023-54143",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54143"
},
{
"name": "CVE-2025-68238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68238"
},
{
"name": "CVE-2025-68297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68297"
},
{
"name": "CVE-2023-53813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53813"
},
{
"name": "CVE-2023-54227",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54227"
},
{
"name": "CVE-2022-50646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50646"
},
{
"name": "CVE-2023-53855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53855"
},
{
"name": "CVE-2022-50853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50853"
},
{
"name": "CVE-2025-68804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68804"
},
{
"name": "CVE-2025-40139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40139"
},
{
"name": "CVE-2023-54100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54100"
},
{
"name": "CVE-2023-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53864"
},
{
"name": "CVE-2025-40350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40350"
},
{
"name": "CVE-2025-40309",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40309"
},
{
"name": "CVE-2025-40349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40349"
},
{
"name": "CVE-2023-54246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54246"
},
{
"name": "CVE-2025-71088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71088"
},
{
"name": "CVE-2025-38243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38243"
},
{
"name": "CVE-2025-40343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40343"
},
{
"name": "CVE-2023-54001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54001"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2023-54253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54253"
},
{
"name": "CVE-2022-50619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50619"
},
{
"name": "CVE-2025-21658",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21658"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2025-68307",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68307"
},
{
"name": "CVE-2025-40308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40308"
},
{
"name": "CVE-2023-54324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54324"
},
{
"name": "CVE-2023-54106",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54106"
},
{
"name": "CVE-2025-40187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40187"
},
{
"name": "CVE-2025-40315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40315"
},
{
"name": "CVE-2023-53793",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53793"
},
{
"name": "CVE-2023-54213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54213"
},
{
"name": "CVE-2023-54096",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54096"
},
{
"name": "CVE-2022-50636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50636"
},
{
"name": "CVE-2025-39913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
},
{
"name": "CVE-2025-71098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71098"
},
{
"name": "CVE-2025-40251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40251"
},
{
"name": "CVE-2025-71078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71078"
},
{
"name": "CVE-2025-40355",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40355"
},
{
"name": "CVE-2023-54283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54283"
},
{
"name": "CVE-2023-53837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53837"
},
{
"name": "CVE-2023-54049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54049"
},
{
"name": "CVE-2024-36357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36357"
},
{
"name": "CVE-2025-40107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40107"
},
{
"name": "CVE-2025-71083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71083"
},
{
"name": "CVE-2023-54066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54066"
},
{
"name": "CVE-2025-40115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
},
{
"name": "CVE-2023-54117",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54117"
},
{
"name": "CVE-2023-53999",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53999"
},
{
"name": "CVE-2024-54031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54031"
},
{
"name": "CVE-2023-54038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54038"
},
{
"name": "CVE-2025-68813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68813"
},
{
"name": "CVE-2023-54315",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54315"
},
{
"name": "CVE-2023-54010",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54010"
},
{
"name": "CVE-2022-50774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50774"
},
{
"name": "CVE-2025-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39689"
},
{
"name": "CVE-2022-50878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50878"
},
{
"name": "CVE-2025-68365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68365"
},
{
"name": "CVE-2023-54211",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54211"
},
{
"name": "CVE-2023-54251",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54251"
},
{
"name": "CVE-2022-50836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50836"
},
{
"name": "CVE-2025-71085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71085"
},
{
"name": "CVE-2023-54156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54156"
},
{
"name": "CVE-2022-50644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50644"
},
{
"name": "CVE-2022-50846",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50846"
},
{
"name": "CVE-2023-54098",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54098"
},
{
"name": "CVE-2023-53750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53750"
},
{
"name": "CVE-2025-71076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71076"
},
{
"name": "CVE-2022-50842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50842"
},
{
"name": "CVE-2025-40347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40347"
},
{
"name": "CVE-2025-71154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71154"
},
{
"name": "CVE-2023-54037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54037"
},
{
"name": "CVE-2023-54275",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54275"
},
{
"name": "CVE-2023-52923",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52923"
},
{
"name": "CVE-2023-53815",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53815"
},
{
"name": "CVE-2025-40198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40198"
},
{
"name": "CVE-2022-50668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50668"
},
{
"name": "CVE-2025-68257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68257"
},
{
"name": "CVE-2023-53818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53818"
},
{
"name": "CVE-2025-71084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71084"
},
{
"name": "CVE-2023-54031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54031"
},
{
"name": "CVE-2025-40173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40173"
},
{
"name": "CVE-2022-50840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50840"
},
{
"name": "CVE-2023-54305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54305"
},
{
"name": "CVE-2025-40190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40190"
},
{
"name": "CVE-2022-50756",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50756"
},
{
"name": "CVE-2023-53989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53989"
},
{
"name": "CVE-2023-54150",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54150"
},
{
"name": "CVE-2023-54199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54199"
},
{
"name": "CVE-2025-68347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68347"
},
{
"name": "CVE-2025-39944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39944"
},
{
"name": "CVE-2025-68235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68235"
},
{
"name": "CVE-2025-68770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68770"
},
{
"name": "CVE-2025-40202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40202"
},
{
"name": "CVE-2025-40311",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40311"
},
{
"name": "CVE-2025-68814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68814"
},
{
"name": "CVE-2023-54254",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54254"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2024-26581",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26581"
},
{
"name": "CVE-2025-71081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71081"
},
{
"name": "CVE-2023-54312",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54312"
},
{
"name": "CVE-2023-52433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52433"
},
{
"name": "CVE-2023-54094",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54094"
},
{
"name": "CVE-2022-50700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50700"
},
{
"name": "CVE-2022-50821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50821"
},
{
"name": "CVE-2025-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40167"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2023-54110",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54110"
},
{
"name": "CVE-2022-50881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50881"
},
{
"name": "CVE-2025-37744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37744"
},
{
"name": "CVE-2023-54205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54205"
},
{
"name": "CVE-2023-53846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53846"
},
{
"name": "CVE-2023-53866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53866"
},
{
"name": "CVE-2025-40194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40194"
},
{
"name": "CVE-2023-53792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53792"
},
{
"name": "CVE-2023-54164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54164"
},
{
"name": "CVE-2025-40256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40256"
},
{
"name": "CVE-2025-71080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71080"
},
{
"name": "CVE-2025-71142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71142"
},
{
"name": "CVE-2024-56721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56721"
},
{
"name": "CVE-2025-40360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40360"
},
{
"name": "CVE-2025-71136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71136"
},
{
"name": "CVE-2025-68354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68354"
},
{
"name": "CVE-2025-68801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68801"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2023-54316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54316"
},
{
"name": "CVE-2022-50724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50724"
},
{
"name": "CVE-2022-50633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50633"
},
{
"name": "CVE-2025-40097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40097"
},
{
"name": "CVE-2025-68258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68258"
},
{
"name": "CVE-2023-54089",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54089"
},
{
"name": "CVE-2025-40001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40001"
},
{
"name": "CVE-2022-50859",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50859"
},
{
"name": "CVE-2022-50750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50750"
},
{
"name": "CVE-2022-50726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50726"
},
{
"name": "CVE-2023-54016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54016"
},
{
"name": "CVE-2023-54035",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54035"
},
{
"name": "CVE-2025-40322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40322"
},
{
"name": "CVE-2025-68209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68209"
},
{
"name": "CVE-2022-50814",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50814"
},
{
"name": "CVE-2025-39859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39859"
},
{
"name": "CVE-2023-54040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54040"
},
{
"name": "CVE-2025-71138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71138"
},
{
"name": "CVE-2023-54214",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54214"
},
{
"name": "CVE-2025-40233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
},
{
"name": "CVE-2023-54322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54322"
},
{
"name": "CVE-2025-40172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40172"
},
{
"name": "CVE-2023-54155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54155"
},
{
"name": "CVE-2023-54088",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54088"
},
{
"name": "CVE-2023-54090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54090"
},
{
"name": "CVE-2025-40188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40188"
},
{
"name": "CVE-2025-40271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40271"
},
{
"name": "CVE-2023-54276",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54276"
},
{
"name": "CVE-2023-53755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53755"
},
{
"name": "CVE-2023-42752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42752"
},
{
"name": "CVE-2025-40186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40186"
},
{
"name": "CVE-2026-22991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22991"
},
{
"name": "CVE-2023-54079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54079"
},
{
"name": "CVE-2023-54048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54048"
},
{
"name": "CVE-2023-54202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54202"
},
{
"name": "CVE-2023-54007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54007"
},
{
"name": "CVE-2023-54278",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54278"
},
{
"name": "CVE-2023-54215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54215"
},
{
"name": "CVE-2025-68308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68308"
},
{
"name": "CVE-2023-54024",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54024"
},
{
"name": "CVE-2023-53777",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53777"
},
{
"name": "CVE-2022-50781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50781"
},
{
"name": "CVE-2023-54133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54133"
},
{
"name": "CVE-2022-50860",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50860"
},
{
"name": "CVE-2025-40242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40242"
},
{
"name": "CVE-2022-50649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50649"
},
{
"name": "CVE-2023-54148",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54148"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-68190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68190"
},
{
"name": "CVE-2022-50829",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50829"
},
{
"name": "CVE-2023-54064",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54064"
},
{
"name": "CVE-2023-54153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54153"
},
{
"name": "CVE-2025-40169",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40169"
},
{
"name": "CVE-2022-50830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50830"
},
{
"name": "CVE-2025-40252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40252"
},
{
"name": "CVE-2022-50673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
},
{
"name": "CVE-2023-53791",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53791"
},
{
"name": "CVE-2025-68218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68218"
},
{
"name": "CVE-2023-53848",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53848"
},
{
"name": "CVE-2025-68255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68255"
},
{
"name": "CVE-2023-54081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54081"
},
{
"name": "CVE-2023-54274",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54274"
},
{
"name": "CVE-2023-53828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53828"
},
{
"name": "CVE-2025-40024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40024"
},
{
"name": "CVE-2022-50666",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50666"
},
{
"name": "CVE-2025-40238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40238"
},
{
"name": "CVE-2023-54185",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54185"
},
{
"name": "CVE-2023-54108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54108"
},
{
"name": "CVE-2022-50745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50745"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"name": "CVE-2025-40070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40070"
},
{
"name": "CVE-2023-54317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54317"
},
{
"name": "CVE-2025-37813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37813"
},
{
"name": "CVE-2022-50736",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50736"
},
{
"name": "CVE-2025-40106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
},
{
"name": "CVE-2022-50740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50740"
},
{
"name": "CVE-2025-68174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68174"
},
{
"name": "CVE-2025-40272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40272"
},
{
"name": "CVE-2023-54298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54298"
},
{
"name": "CVE-2025-71093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71093"
},
{
"name": "CVE-2022-50822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50822"
},
{
"name": "CVE-2025-68759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68759"
},
{
"name": "CVE-2025-40136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40136"
},
{
"name": "CVE-2023-53834",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53834"
},
{
"name": "CVE-2023-54053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54053"
},
{
"name": "CVE-2022-50843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50843"
},
{
"name": "CVE-2022-50769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50769"
},
{
"name": "CVE-2025-40345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40345"
},
{
"name": "CVE-2025-40205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40205"
},
{
"name": "CVE-2023-54295",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54295"
},
{
"name": "CVE-2022-50752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50752"
},
{
"name": "CVE-2023-54170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54170"
},
{
"name": "CVE-2023-53781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53781"
},
{
"name": "CVE-2025-40033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40033"
},
{
"name": "CVE-2024-42103",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42103"
},
{
"name": "CVE-2025-68733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68733"
},
{
"name": "CVE-2026-23005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23005"
},
{
"name": "CVE-2025-68215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68215"
},
{
"name": "CVE-2022-50253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50253"
},
{
"name": "CVE-2025-68188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68188"
},
{
"name": "CVE-2025-40269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40269"
},
{
"name": "CVE-2025-68335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68335"
},
{
"name": "CVE-2025-71079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71079"
},
{
"name": "CVE-2023-54223",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54223"
},
{
"name": "CVE-2023-53418",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53418"
},
{
"name": "CVE-2026-22997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22997"
},
{
"name": "CVE-2022-50716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50716"
},
{
"name": "CVE-2025-40075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40075"
},
{
"name": "CVE-2022-50698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50698"
},
{
"name": "CVE-2022-50844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50844"
},
{
"name": "CVE-2025-39977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39977"
},
{
"name": "CVE-2023-54045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54045"
},
{
"name": "CVE-2025-68330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68330"
},
{
"name": "CVE-2023-54101",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54101"
},
{
"name": "CVE-2023-54179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54179"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2022-50773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50773"
},
{
"name": "CVE-2022-50758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50758"
},
{
"name": "CVE-2022-50848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50848"
},
{
"name": "CVE-2025-68180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68180"
},
{
"name": "CVE-2024-36348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36348"
},
{
"name": "CVE-2023-54289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54289"
},
{
"name": "CVE-2022-50662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50662"
},
{
"name": "CVE-2023-54177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54177"
},
{
"name": "CVE-2023-54243",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54243"
},
{
"name": "CVE-2025-68201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68201"
},
{
"name": "CVE-2023-54078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54078"
},
{
"name": "CVE-2022-50819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50819"
},
{
"name": "CVE-2025-40289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40289"
},
{
"name": "CVE-2025-71143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71143"
},
{
"name": "CVE-2025-68768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68768"
},
{
"name": "CVE-2025-71130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71130"
},
{
"name": "CVE-2023-54013",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54013"
},
{
"name": "CVE-2023-54102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54102"
},
{
"name": "CVE-2025-68808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68808"
},
{
"name": "CVE-2024-27005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27005"
},
{
"name": "CVE-2025-68783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68783"
},
{
"name": "CVE-2025-40292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40292"
},
{
"name": "CVE-2025-71147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71147"
},
{
"name": "CVE-2023-54093",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54093"
},
{
"name": "CVE-2023-53839",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53839"
},
{
"name": "CVE-2023-53752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53752"
},
{
"name": "CVE-2023-53802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53802"
},
{
"name": "CVE-2022-50887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50887"
},
{
"name": "CVE-2025-68724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68724"
},
{
"name": "CVE-2023-54318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54318"
},
{
"name": "CVE-2026-23074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23074"
},
{
"name": "CVE-2022-50757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50757"
},
{
"name": "CVE-2022-0854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0854"
},
{
"name": "CVE-2022-50827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50827"
},
{
"name": "CVE-2025-68252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68252"
},
{
"name": "CVE-2023-54166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54166"
},
{
"name": "CVE-2025-40274",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40274"
},
{
"name": "CVE-2025-68797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68797"
},
{
"name": "CVE-2023-53820",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53820"
},
{
"name": "CVE-2023-54136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54136"
},
{
"name": "CVE-2023-54225",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54225"
},
{
"name": "CVE-2025-40206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40206"
},
{
"name": "CVE-2022-50679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50679"
},
{
"name": "CVE-2025-40220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
},
{
"name": "CVE-2025-68237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68237"
},
{
"name": "CVE-2023-54194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54194"
},
{
"name": "CVE-2025-40257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40257"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-68259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68259"
},
{
"name": "CVE-2024-26832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26832"
},
{
"name": "CVE-2026-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23006"
},
{
"name": "CVE-2025-39788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39788"
},
{
"name": "CVE-2022-50839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50839"
},
{
"name": "CVE-2025-71108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71108"
},
{
"name": "CVE-2023-54301",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54301"
},
{
"name": "CVE-2025-68789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68789"
},
{
"name": "CVE-2025-68312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68312"
},
{
"name": "CVE-2023-53843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53843"
},
{
"name": "CVE-2025-68284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68284"
},
{
"name": "CVE-2025-68194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68194"
},
{
"name": "CVE-2025-38379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38379"
},
{
"name": "CVE-2022-50744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50744"
},
{
"name": "CVE-2025-40109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
},
{
"name": "CVE-2023-54277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54277"
},
{
"name": "CVE-2025-40006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40006"
},
{
"name": "CVE-2023-53844",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53844"
},
{
"name": "CVE-2025-40038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40038"
},
{
"name": "CVE-2025-68183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68183"
},
{
"name": "CVE-2025-39805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39805"
},
{
"name": "CVE-2023-54046",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54046"
},
{
"name": "CVE-2025-40263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40263"
},
{
"name": "CVE-2022-50717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50717"
},
{
"name": "CVE-2023-54120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54120"
},
{
"name": "CVE-2023-54026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54026"
},
{
"name": "CVE-2025-68244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68244"
},
{
"name": "CVE-2025-40231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40231"
},
{
"name": "CVE-2022-50742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50742"
},
{
"name": "CVE-2025-40278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40278"
},
{
"name": "CVE-2025-71157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71157"
},
{
"name": "CVE-2025-40176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40176"
},
{
"name": "CVE-2023-53783",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53783"
},
{
"name": "CVE-2025-40342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40342"
},
{
"name": "CVE-2023-54028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54028"
},
{
"name": "CVE-2023-53858",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53858"
},
{
"name": "CVE-2023-53992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53992"
},
{
"name": "CVE-2022-50722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50722"
},
{
"name": "CVE-2022-50709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50709"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2022-50728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50728"
},
{
"name": "CVE-2022-50677",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50677"
},
{
"name": "CVE-2023-54266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54266"
},
{
"name": "CVE-2025-71082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71082"
},
{
"name": "CVE-2025-68222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68222"
},
{
"name": "CVE-2025-68765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68765"
},
{
"name": "CVE-2023-53825",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53825"
},
{
"name": "CVE-2026-23089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23089"
},
{
"name": "CVE-2023-54003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54003"
},
{
"name": "CVE-2025-71132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71132"
},
{
"name": "CVE-2023-54072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54072"
},
{
"name": "CVE-2025-38322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38322"
},
{
"name": "CVE-2023-54134",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54134"
},
{
"name": "CVE-2025-71077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71077"
},
{
"name": "CVE-2024-46854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46854"
},
{
"name": "CVE-2023-54291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54291"
},
{
"name": "CVE-2023-54321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54321"
},
{
"name": "CVE-2025-40279",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40279"
},
{
"name": "CVE-2023-53865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53865"
},
{
"name": "CVE-2025-68328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68328"
},
{
"name": "CVE-2023-53744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53744"
},
{
"name": "CVE-2023-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53178"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2023-53823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53823"
},
{
"name": "CVE-2022-50718",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50718"
},
{
"name": "CVE-2022-50658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50658"
},
{
"name": "CVE-2023-54009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54009"
},
{
"name": "CVE-2023-54023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54023"
},
{
"name": "CVE-2025-71114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71114"
},
{
"name": "CVE-2022-50660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50660"
},
{
"name": "CVE-2025-68744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68744"
},
{
"name": "CVE-2024-50143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50143"
},
{
"name": "CVE-2023-54241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54241"
},
{
"name": "CVE-2025-68320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68320"
},
{
"name": "CVE-2023-54017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54017"
},
{
"name": "CVE-2025-40183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40183"
},
{
"name": "CVE-2026-22990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22990"
},
{
"name": "CVE-2023-53787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53787"
},
{
"name": "CVE-2022-50886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50886"
},
{
"name": "CVE-2026-23000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23000"
},
{
"name": "CVE-2025-68172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68172"
},
{
"name": "CVE-2023-54097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54097"
},
{
"name": "CVE-2024-53149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53149"
},
{
"name": "CVE-2022-50626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50626"
},
{
"name": "CVE-2025-40338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40338"
},
{
"name": "CVE-2022-50767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50767"
},
{
"name": "CVE-2025-40134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40134"
},
{
"name": "CVE-2025-68325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68325"
},
{
"name": "CVE-2023-54154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54154"
},
{
"name": "CVE-2022-50880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50880"
},
{
"name": "CVE-2025-71089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71089"
},
{
"name": "CVE-2023-54141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54141"
},
{
"name": "CVE-2022-50885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50885"
},
{
"name": "CVE-2023-53766",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53766"
},
{
"name": "CVE-2022-49980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49980"
},
{
"name": "CVE-2023-53840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53840"
},
{
"name": "CVE-2025-68296",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68296"
},
{
"name": "CVE-2023-53785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53785"
},
{
"name": "CVE-2025-40328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40328"
},
{
"name": "CVE-2025-37916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37916"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2022-50661",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50661"
},
{
"name": "CVE-2025-68332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68332"
},
{
"name": "CVE-2023-54263",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54263"
},
{
"name": "CVE-2026-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22978"
},
{
"name": "CVE-2025-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40283"
},
{
"name": "CVE-2023-54284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54284"
},
{
"name": "CVE-2025-40324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40324"
},
{
"name": "CVE-2023-54181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54181"
},
{
"name": "CVE-2025-68378",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68378"
},
{
"name": "CVE-2022-50824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50824"
},
{
"name": "CVE-2025-71141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71141"
},
{
"name": "CVE-2025-38359",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38359"
},
{
"name": "CVE-2025-40177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40177"
},
{
"name": "CVE-2023-53795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53795"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2022-50623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50623"
},
{
"name": "CVE-2025-40250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40250"
},
{
"name": "CVE-2025-71101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71101"
},
{
"name": "CVE-2025-40264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40264"
},
{
"name": "CVE-2025-38728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38728"
},
{
"name": "CVE-2026-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23001"
},
{
"name": "CVE-2025-68367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68367"
},
{
"name": "CVE-2025-68820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68820"
},
{
"name": "CVE-2023-53788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53788"
},
{
"name": "CVE-2025-40074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40074"
},
{
"name": "CVE-2025-40321",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40321"
},
{
"name": "CVE-2025-40116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40116"
},
{
"name": "CVE-2023-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53215"
},
{
"name": "CVE-2023-54207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54207"
},
{
"name": "CVE-2025-68249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68249"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-68740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68740"
},
{
"name": "CVE-2022-50864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50864"
},
{
"name": "CVE-2025-40158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40158"
},
{
"name": "CVE-2025-40179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40179"
},
{
"name": "CVE-2025-68742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68742"
},
{
"name": "CVE-2023-53832",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53832"
},
{
"name": "CVE-2025-40127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40127"
},
{
"name": "CVE-2025-40282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40282"
},
{
"name": "CVE-2023-53819",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53819"
},
{
"name": "CVE-2022-50715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50715"
},
{
"name": "CVE-2025-40168",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40168"
},
{
"name": "CVE-2023-54210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54210"
},
{
"name": "CVE-2025-40053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40053"
},
{
"name": "CVE-2022-50735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50735"
},
{
"name": "CVE-2023-54030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54030"
},
{
"name": "CVE-2025-40120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40120"
},
{
"name": "CVE-2025-68816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68816"
},
{
"name": "CVE-2025-68192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68192"
},
{
"name": "CVE-2023-54092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54092"
},
{
"name": "CVE-2025-68379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68379"
},
{
"name": "CVE-2023-53997",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53997"
},
{
"name": "CVE-2025-68256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68256"
},
{
"name": "CVE-2025-68777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68777"
},
{
"name": "CVE-2025-68254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68254"
},
{
"name": "CVE-2025-40098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40098"
},
{
"name": "CVE-2025-40129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40129"
},
{
"name": "CVE-2025-71145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71145"
},
{
"name": "CVE-2025-68171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68171"
},
{
"name": "CVE-2023-54015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54015"
},
{
"name": "CVE-2025-40301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40301"
},
{
"name": "CVE-2025-40040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40040"
},
{
"name": "CVE-2025-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22047"
},
{
"name": "CVE-2023-54224",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54224"
},
{
"name": "CVE-2023-54235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54235"
},
{
"name": "CVE-2023-54122",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54122"
},
{
"name": "CVE-2023-54119",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54119"
},
{
"name": "CVE-2025-40207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40207"
},
{
"name": "CVE-2022-50675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50675"
},
{
"name": "CVE-2023-54159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54159"
},
{
"name": "CVE-2022-50751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50751"
},
{
"name": "CVE-2025-71118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71118"
},
{
"name": "CVE-2023-54245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54245"
},
{
"name": "CVE-2023-54032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54032"
},
{
"name": "CVE-2023-54168",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54168"
},
{
"name": "CVE-2025-68327",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68327"
},
{
"name": "CVE-2023-53856",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53856"
},
{
"name": "CVE-2025-40318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40318"
},
{
"name": "CVE-2022-50889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50889"
},
{
"name": "CVE-2023-54146",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54146"
},
{
"name": "CVE-2025-68241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68241"
},
{
"name": "CVE-2023-54118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54118"
},
{
"name": "CVE-2025-40118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40118"
},
{
"name": "CVE-2023-53782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53782"
},
{
"name": "CVE-2023-54115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54115"
},
{
"name": "CVE-2023-54069",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54069"
},
{
"name": "CVE-2022-50699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50699"
},
{
"name": "CVE-2025-40157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40157"
},
{
"name": "CVE-2022-49943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49943"
},
{
"name": "CVE-2023-53990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53990"
},
{
"name": "CVE-2025-40021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40021"
},
{
"name": "CVE-2023-54104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54104"
},
{
"name": "CVE-2025-40135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40135"
},
{
"name": "CVE-2023-54027",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54027"
},
{
"name": "CVE-2022-50870",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50870"
},
{
"name": "CVE-2025-68734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68734"
},
{
"name": "CVE-2023-54058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54058"
},
{
"name": "CVE-2025-68776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68776"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2023-53417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53417"
},
{
"name": "CVE-2026-22993",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22993"
},
{
"name": "CVE-2023-53851",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53851"
},
{
"name": "CVE-2025-68345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68345"
},
{
"name": "CVE-2025-40044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
},
{
"name": "CVE-2025-71097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71097"
},
{
"name": "CVE-2023-54311",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54311"
},
{
"name": "CVE-2025-40105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40105"
},
{
"name": "CVE-2023-54183",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54183"
},
{
"name": "CVE-2023-54126",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54126"
},
{
"name": "CVE-2023-53841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53841"
},
{
"name": "CVE-2023-54326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54326"
},
{
"name": "CVE-2023-54267",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54267"
},
{
"name": "CVE-2023-54282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54282"
},
{
"name": "CVE-2025-40310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40310"
},
{
"name": "CVE-2022-50697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50697"
},
{
"name": "CVE-2022-50733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50733"
},
{
"name": "CVE-2025-40083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40083"
},
{
"name": "CVE-2025-71111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71111"
},
{
"name": "CVE-2026-22985",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22985"
},
{
"name": "CVE-2023-54006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54006"
},
{
"name": "CVE-2023-53784",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53784"
},
{
"name": "CVE-2023-54084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54084"
},
{
"name": "CVE-2025-68802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68802"
},
{
"name": "CVE-2023-54067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54067"
},
{
"name": "CVE-2022-50731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50731"
},
{
"name": "CVE-2023-54264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54264"
},
{
"name": "CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"name": "CVE-2025-40331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40331"
},
{
"name": "CVE-2025-68337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68337"
},
{
"name": "CVE-2025-68351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68351"
},
{
"name": "CVE-2023-54304",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54304"
},
{
"name": "CVE-2022-50851",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50851"
},
{
"name": "CVE-2022-50615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50615"
},
{
"name": "CVE-2025-71131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71131"
},
{
"name": "CVE-2025-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40149"
},
{
"name": "CVE-2022-50704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50704"
},
{
"name": "CVE-2023-53747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53747"
},
{
"name": "CVE-2025-40164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40164"
},
{
"name": "CVE-2022-50730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50730"
},
{
"name": "CVE-2023-54125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54125"
},
{
"name": "CVE-2022-50617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50617"
},
{
"name": "CVE-2023-54173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54173"
},
{
"name": "CVE-2023-53751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53751"
},
{
"name": "CVE-2023-53743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53743"
},
{
"name": "CVE-2022-50656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50656"
},
{
"name": "CVE-2025-71116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71116"
},
{
"name": "CVE-2023-54036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54036"
},
{
"name": "CVE-2023-54190",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54190"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2023-53842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53842"
},
{
"name": "CVE-2025-68208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68208"
},
{
"name": "CVE-2025-68362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68362"
},
{
"name": "CVE-2022-50823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50823"
},
{
"name": "CVE-2023-53412",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53412"
},
{
"name": "CVE-2022-50719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50719"
},
{
"name": "CVE-2022-50703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50703"
},
{
"name": "CVE-2022-50763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50763"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2022-50727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50727"
},
{
"name": "CVE-2022-50629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50629"
},
{
"name": "CVE-2023-53762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53762"
},
{
"name": "CVE-2022-50872",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50872"
},
{
"name": "CVE-2025-68290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68290"
},
{
"name": "CVE-2025-40280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40280"
},
{
"name": "CVE-2025-71162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71162"
},
{
"name": "CVE-2025-40180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40180"
},
{
"name": "CVE-2025-40293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40293"
},
{
"name": "CVE-2025-68750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68750"
},
{
"name": "CVE-2023-54127",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54127"
},
{
"name": "CVE-2023-53861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53861"
},
{
"name": "CVE-2025-68803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68803"
},
{
"name": "CVE-2026-22996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22996"
},
{
"name": "CVE-2023-54197",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54197"
},
{
"name": "CVE-2025-68331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68331"
},
{
"name": "CVE-2023-54137",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54137"
},
{
"name": "CVE-2023-54244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54244"
},
{
"name": "CVE-2026-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22976"
},
{
"name": "CVE-2023-54319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54319"
},
{
"name": "CVE-2025-68305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68305"
},
{
"name": "CVE-2022-50845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50845"
},
{
"name": "CVE-2025-40320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40320"
},
{
"name": "CVE-2022-50754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50754"
},
{
"name": "CVE-2025-68753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68753"
},
{
"name": "CVE-2023-54140",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54140"
},
{
"name": "CVE-2022-50856",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50856"
},
{
"name": "CVE-2025-68775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68775"
},
{
"name": "CVE-2025-71112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71112"
},
{
"name": "CVE-2023-54285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54285"
},
{
"name": "CVE-2023-54055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54055"
},
{
"name": "CVE-2023-54025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54025"
},
{
"name": "CVE-2023-53991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53991"
},
{
"name": "CVE-2023-54229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54229"
},
{
"name": "CVE-2022-50861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50861"
},
{
"name": "CVE-2022-50882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50882"
},
{
"name": "CVE-2025-40200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40200"
},
{
"name": "CVE-2023-54300",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54300"
},
{
"name": "CVE-2025-39880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
},
{
"name": "CVE-2023-54042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54042"
},
{
"name": "CVE-2022-50832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50832"
},
{
"name": "CVE-2023-53807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53807"
},
{
"name": "CVE-2022-50638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50638"
},
{
"name": "CVE-2025-40102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40102"
},
{
"name": "CVE-2023-54302",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54302"
},
{
"name": "CVE-2025-40170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40170"
},
{
"name": "CVE-2023-53811",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53811"
},
{
"name": "CVE-2025-40160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40160"
},
{
"name": "CVE-2025-40284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40284"
},
{
"name": "CVE-2023-54178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54178"
},
{
"name": "CVE-2023-54051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54051"
},
{
"name": "CVE-2023-54286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54286"
},
{
"name": "CVE-2023-54269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54269"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-53808",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53808"
},
{
"name": "CVE-2022-50849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50849"
},
{
"name": "CVE-2025-68366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68366"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2022-50760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50760"
},
{
"name": "CVE-2023-54008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54008"
},
{
"name": "CVE-2023-54014",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54014"
},
{
"name": "CVE-2025-68815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68815"
},
{
"name": "CVE-2022-50858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50858"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2025-40307",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40307"
},
{
"name": "CVE-2025-40111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40111"
},
{
"name": "CVE-2025-68346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68346"
},
{
"name": "CVE-2022-50888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50888"
},
{
"name": "CVE-2025-71163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71163"
},
{
"name": "CVE-2024-36350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36350"
},
{
"name": "CVE-2025-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40211"
},
{
"name": "CVE-2025-40042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40042"
},
{
"name": "CVE-2023-54258",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54258"
},
{
"name": "CVE-2025-39890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39890"
},
{
"name": "CVE-2025-71096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71096"
},
{
"name": "CVE-2025-71099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71099"
},
{
"name": "CVE-2025-71095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71095"
},
{
"name": "CVE-2022-50640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50640"
},
{
"name": "CVE-2025-39742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39742"
},
{
"name": "CVE-2023-54221",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54221"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-68771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68771"
},
{
"name": "CVE-2025-68363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68363"
},
{
"name": "CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"name": "CVE-2022-50747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50747"
},
{
"name": "CVE-2026-22984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22984"
},
{
"name": "CVE-2025-68303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68303"
},
{
"name": "CVE-2025-40259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40259"
},
{
"name": "CVE-2024-36349",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36349"
},
{
"name": "CVE-2023-53827",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53827"
},
{
"name": "CVE-2025-68757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68757"
},
{
"name": "CVE-2023-54293",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54293"
},
{
"name": "CVE-2025-40329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40329"
},
{
"name": "CVE-2022-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50782"
},
{
"name": "CVE-2026-22977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22977"
},
{
"name": "CVE-2022-50826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50826"
},
{
"name": "CVE-2023-54060",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54060"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-50635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50635"
},
{
"name": "CVE-2025-68766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68766"
},
{
"name": "CVE-2023-53778",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53778"
},
{
"name": "CVE-2023-53746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53746"
},
{
"name": "CVE-2023-54145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54145"
},
{
"name": "CVE-2023-54171",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54171"
},
{
"name": "CVE-2022-50749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50749"
},
{
"name": "CVE-2023-54240",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54240"
},
{
"name": "CVE-2025-40059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40059"
},
{
"name": "CVE-2022-50618",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50618"
},
{
"name": "CVE-2025-68168",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68168"
},
{
"name": "CVE-2025-71123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71123"
},
{
"name": "CVE-2025-68206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68206"
},
{
"name": "CVE-2022-50678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50678"
},
{
"name": "CVE-2023-54247",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54247"
},
{
"name": "CVE-2025-38684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
},
{
"name": "CVE-2025-71100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71100"
},
{
"name": "CVE-2025-68372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68372"
},
{
"name": "CVE-2023-54070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54070"
},
{
"name": "CVE-2023-54204",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54204"
},
{
"name": "CVE-2026-23010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23010"
},
{
"name": "CVE-2025-68313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68313"
},
{
"name": "CVE-2023-53676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53676"
},
{
"name": "CVE-2023-53850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53850"
},
{
"name": "CVE-2025-38209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38209"
},
{
"name": "CVE-2023-54303",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54303"
},
{
"name": "CVE-2025-71137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71137"
},
{
"name": "CVE-2025-40123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40123"
},
{
"name": "CVE-2023-53998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53998"
},
{
"name": "CVE-2025-68301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
},
{
"name": "CVE-2026-23011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23011"
},
{
"name": "CVE-2025-40297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40297"
},
{
"name": "CVE-2025-68217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68217"
},
{
"name": "CVE-2025-40178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40178"
},
{
"name": "CVE-2023-54242",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54242"
},
{
"name": "CVE-2025-68289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68289"
},
{
"name": "CVE-2025-40363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40363"
},
{
"name": "CVE-2023-53852",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53852"
},
{
"name": "CVE-2022-50777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50777"
},
{
"name": "CVE-2025-71156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71156"
},
{
"name": "CVE-2023-53862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53862"
},
{
"name": "CVE-2026-22988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22988"
},
{
"name": "CVE-2022-50664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50664"
},
{
"name": "CVE-2022-50643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50643"
},
{
"name": "CVE-2025-68245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68245"
},
{
"name": "CVE-2025-40317",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40317"
},
{
"name": "CVE-2023-53254",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53254"
},
{
"name": "CVE-2023-54020",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54020"
},
{
"name": "CVE-2023-54135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54135"
},
{
"name": "CVE-2023-53996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53996"
},
{
"name": "CVE-2025-68233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68233"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2024-26944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26944"
},
{
"name": "CVE-2025-38321",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38321"
},
{
"name": "CVE-2025-40316",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40316"
},
{
"name": "CVE-2025-71119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71119"
},
{
"name": "CVE-2023-54130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54130"
},
{
"name": "CVE-2023-54314",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54314"
},
{
"name": "CVE-2022-50625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50625"
},
{
"name": "CVE-2025-68758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68758"
},
{
"name": "CVE-2024-44987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
},
{
"name": "CVE-2025-38539",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38539"
},
{
"name": "CVE-2025-40181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40181"
},
{
"name": "CVE-2023-54292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54292"
},
{
"name": "CVE-2023-54172",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54172"
},
{
"name": "CVE-2023-54113",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54113"
},
{
"name": "CVE-2025-40141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40141"
},
{
"name": "CVE-2025-68340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68340"
},
{
"name": "CVE-2025-40132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40132"
},
{
"name": "CVE-2023-53836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53836"
},
{
"name": "CVE-2022-50232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50232"
},
{
"name": "CVE-2025-40288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40288"
},
{
"name": "CVE-2025-68239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68239"
},
{
"name": "CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"name": "CVE-2023-53857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53857"
},
{
"name": "CVE-2023-53860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53860"
},
{
"name": "CVE-2025-68185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68185"
},
{
"name": "CVE-2025-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40304"
},
{
"name": "CVE-2025-40110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40110"
},
{
"name": "CVE-2023-54169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54169"
},
{
"name": "CVE-2025-40268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40268"
},
{
"name": "CVE-2025-39980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39980"
},
{
"name": "CVE-2023-54281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54281"
},
{
"name": "CVE-2023-54080",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54080"
},
{
"name": "CVE-2025-68798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68798"
},
{
"name": "CVE-2023-54294",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54294"
},
{
"name": "CVE-2023-53794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53794"
},
{
"name": "CVE-2025-68178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68178"
},
{
"name": "CVE-2025-40337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40337"
},
{
"name": "CVE-2022-50614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50614"
},
{
"name": "CVE-2025-40346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40346"
},
{
"name": "CVE-2023-54050",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54050"
},
{
"name": "CVE-2025-40262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40262"
},
{
"name": "CVE-2022-50828",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50828"
},
{
"name": "CVE-2025-39813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39813"
},
{
"name": "CVE-2025-68819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68819"
},
{
"name": "CVE-2022-50670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50670"
},
{
"name": "CVE-2023-54022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54022"
},
{
"name": "CVE-2022-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50868"
},
{
"name": "CVE-2025-40261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40261"
},
{
"name": "CVE-2025-40030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40030"
},
{
"name": "CVE-2023-54296",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54296"
},
{
"name": "CVE-2025-40244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
},
{
"name": "CVE-2025-39819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39819"
},
{
"name": "CVE-2023-54287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54287"
},
{
"name": "CVE-2025-68732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68732"
},
{
"name": "CVE-2022-50876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50876"
},
{
"name": "CVE-2025-40323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40323"
},
{
"name": "CVE-2025-68285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68285"
},
{
"name": "CVE-2022-50652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50652"
},
{
"name": "CVE-2022-50732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50732"
},
{
"name": "CVE-2023-54220",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54220"
},
{
"name": "CVE-2023-54198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54198"
},
{
"name": "CVE-2022-50671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50671"
},
{
"name": "CVE-2023-54209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54209"
},
{
"name": "CVE-2022-50653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50653"
},
{
"name": "CVE-2025-40275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40275"
},
{
"name": "CVE-2023-54252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54252"
},
{
"name": "CVE-2023-54019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54019"
},
{
"name": "CVE-2023-54123",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54123"
},
{
"name": "CVE-2023-54236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54236"
},
{
"name": "CVE-2025-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39829"
},
{
"name": "CVE-2025-71091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71091"
},
{
"name": "CVE-2022-50835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50835"
},
{
"name": "CVE-2023-54189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54189"
},
{
"name": "CVE-2025-68227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68227"
},
{
"name": "CVE-2025-40339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40339"
},
{
"name": "CVE-2023-54260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54260"
},
{
"name": "CVE-2025-40140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40140"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2025-40223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
},
{
"name": "CVE-2022-50884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50884"
},
{
"name": "CVE-2023-54230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54230"
},
{
"name": "CVE-2023-53831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53831"
},
{
"name": "CVE-2025-68800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68800"
},
{
"name": "CVE-2025-68195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68195"
},
{
"name": "CVE-2025-68261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68261"
},
{
"name": "CVE-2023-54299",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54299"
},
{
"name": "CVE-2023-53768",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53768"
},
{
"name": "CVE-2025-71149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71149"
},
{
"name": "CVE-2023-53830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53830"
},
{
"name": "CVE-2025-40142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40142"
},
{
"name": "CVE-2022-50850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50850"
},
{
"name": "CVE-2023-54099",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54099"
},
{
"name": "CVE-2025-40159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40159"
},
{
"name": "CVE-2025-40319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40319"
},
{
"name": "CVE-2023-54219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54219"
},
{
"name": "CVE-2025-68727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68727"
},
{
"name": "CVE-2023-53847",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53847"
},
{
"name": "CVE-2025-38361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
},
{
"name": "CVE-2025-39836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39836"
},
{
"name": "CVE-2023-54325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54325"
},
{
"name": "CVE-2023-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54121"
},
{
"name": "CVE-2023-54261",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54261"
},
{
"name": "CVE-2023-54005",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54005"
},
{
"name": "CVE-2022-50770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50770"
},
{
"name": "CVE-2025-40351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40351"
},
{
"name": "CVE-2025-68264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68264"
},
{
"name": "CVE-2022-50755",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50755"
},
{
"name": "CVE-2025-68764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68764"
}
],
"initial_release_date": "2026-02-27T00:00:00",
"last_revision_date": "2026-02-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0225",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20465-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620465-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20457-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620457-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20461-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620461-1"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20477-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620477-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20459-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620459-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20468-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620468-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20471-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620471-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20464-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620464-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20470-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620470-1"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0617-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260617-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20458-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620458-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20456-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620456-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20473-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620473-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20463-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620463-1"
},
{
"published_at": "2026-02-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0587-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260587-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20467-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620467-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20466-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620466-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20478-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620478-1"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20476-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620476-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20462-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620462-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20460-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620460-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20469-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620469-1"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20479-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620479-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20472-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620472-1"
},
{
"published_at": "2026-02-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:20455-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620455-1"
}
]
}
CERTFR-2026-AVI-0170
Vulnerability from certfr_avis - Published: 2026-02-13 - Updated: 2026-02-13
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | N/A | Public Cloud Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | Legacy Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Desktop 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 | ||
| SUSE | N/A | Development Tools Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.3 | ||
| SUSE | N/A | Basesystem Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-50669",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50669"
},
{
"name": "CVE-2024-36903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
},
{
"name": "CVE-2023-53761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53761"
},
{
"name": "CVE-2023-53814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53814"
},
{
"name": "CVE-2025-40166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40166"
},
{
"name": "CVE-2023-53407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53407"
},
{
"name": "CVE-2023-54076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54076"
},
{
"name": "CVE-2023-54208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54208"
},
{
"name": "CVE-2023-53714",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53714"
},
{
"name": "CVE-2023-54039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54039"
},
{
"name": "CVE-2023-53804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53804"
},
{
"name": "CVE-2025-71086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71086"
},
{
"name": "CVE-2023-53863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53863"
},
{
"name": "CVE-2023-54131",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54131"
},
{
"name": "CVE-2023-54142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54142"
},
{
"name": "CVE-2022-50779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50779"
},
{
"name": "CVE-2023-54111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54111"
},
{
"name": "CVE-2023-54186",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54186"
},
{
"name": "CVE-2025-68286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68286"
},
{
"name": "CVE-2023-53803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53803"
},
{
"name": "CVE-2022-50641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50641"
},
{
"name": "CVE-2025-71094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71094"
},
{
"name": "CVE-2023-53754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53754"
},
{
"name": "CVE-2025-68788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68788"
},
{
"name": "CVE-2023-54091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54091"
},
{
"name": "CVE-2023-54083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54083"
},
{
"name": "CVE-2023-54280",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54280"
},
{
"name": "CVE-2022-50834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50834"
},
{
"name": "CVE-2022-50809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50809"
},
{
"name": "CVE-2023-54270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54270"
},
{
"name": "CVE-2023-53685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53685"
},
{
"name": "CVE-2022-50488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50488"
},
{
"name": "CVE-2025-37751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37751"
},
{
"name": "CVE-2025-40254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40254"
},
{
"name": "CVE-2023-54021",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54021"
},
{
"name": "CVE-2025-71064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71064"
},
{
"name": "CVE-2023-54201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54201"
},
{
"name": "CVE-2025-68200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68200"
},
{
"name": "CVE-2025-68725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68725"
},
{
"name": "CVE-2025-68795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68795"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2023-54265",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54265"
},
{
"name": "CVE-2022-50630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50630"
},
{
"name": "CVE-2022-50672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50672"
},
{
"name": "CVE-2023-54309",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54309"
},
{
"name": "CVE-2022-50776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50776"
},
{
"name": "CVE-2026-22992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22992"
},
{
"name": "CVE-2023-54018",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54018"
},
{
"name": "CVE-2023-54271",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54271"
},
{
"name": "CVE-2022-50702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50702"
},
{
"name": "CVE-2023-53786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53786"
},
{
"name": "CVE-2025-68728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68728"
},
{
"name": "CVE-2025-71087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71087"
},
{
"name": "CVE-2022-50761",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50761"
},
{
"name": "CVE-2022-50866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50866"
},
{
"name": "CVE-2025-40019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
},
{
"name": "CVE-2023-54112",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54112"
},
{
"name": "CVE-2025-71135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71135"
},
{
"name": "CVE-2022-50676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50676"
},
{
"name": "CVE-2023-53845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53845"
},
{
"name": "CVE-2025-68773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68773"
},
{
"name": "CVE-2025-71133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71133"
},
{
"name": "CVE-2022-50622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50622"
},
{
"name": "CVE-2023-54095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54095"
},
{
"name": "CVE-2025-68297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68297"
},
{
"name": "CVE-2022-50646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50646"
},
{
"name": "CVE-2022-50853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50853"
},
{
"name": "CVE-2025-68804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68804"
},
{
"name": "CVE-2025-40139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40139"
},
{
"name": "CVE-2023-54100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54100"
},
{
"name": "CVE-2025-40350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40350"
},
{
"name": "CVE-2025-71088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71088"
},
{
"name": "CVE-2025-38243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38243"
},
{
"name": "CVE-2023-54001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54001"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2022-50619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50619"
},
{
"name": "CVE-2025-21658",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21658"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2023-54213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54213"
},
{
"name": "CVE-2023-54096",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54096"
},
{
"name": "CVE-2022-50636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50636"
},
{
"name": "CVE-2025-39913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-71098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71098"
},
{
"name": "CVE-2025-71078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71078"
},
{
"name": "CVE-2025-40355",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40355"
},
{
"name": "CVE-2023-53837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53837"
},
{
"name": "CVE-2023-54049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54049"
},
{
"name": "CVE-2024-36357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36357"
},
{
"name": "CVE-2025-71083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71083"
},
{
"name": "CVE-2025-40115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
},
{
"name": "CVE-2024-54031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54031"
},
{
"name": "CVE-2025-68813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68813"
},
{
"name": "CVE-2023-54315",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54315"
},
{
"name": "CVE-2023-54010",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54010"
},
{
"name": "CVE-2022-50774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50774"
},
{
"name": "CVE-2025-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39689"
},
{
"name": "CVE-2022-50878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50878"
},
{
"name": "CVE-2025-68365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68365"
},
{
"name": "CVE-2023-54211",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54211"
},
{
"name": "CVE-2022-50836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50836"
},
{
"name": "CVE-2025-71085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71085"
},
{
"name": "CVE-2023-54156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54156"
},
{
"name": "CVE-2022-50644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50644"
},
{
"name": "CVE-2022-50846",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50846"
},
{
"name": "CVE-2023-54098",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54098"
},
{
"name": "CVE-2025-71076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71076"
},
{
"name": "CVE-2022-50842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50842"
},
{
"name": "CVE-2025-71154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71154"
},
{
"name": "CVE-2023-54275",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54275"
},
{
"name": "CVE-2023-52923",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52923"
},
{
"name": "CVE-2025-40198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40198"
},
{
"name": "CVE-2022-50668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50668"
},
{
"name": "CVE-2023-53818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53818"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2025-71084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71084"
},
{
"name": "CVE-2022-50840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50840"
},
{
"name": "CVE-2023-54305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54305"
},
{
"name": "CVE-2022-50756",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50756"
},
{
"name": "CVE-2023-54150",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54150"
},
{
"name": "CVE-2023-54199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54199"
},
{
"name": "CVE-2025-68770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68770"
},
{
"name": "CVE-2025-40202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40202"
},
{
"name": "CVE-2025-68814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68814"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2024-26581",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26581"
},
{
"name": "CVE-2025-71081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71081"
},
{
"name": "CVE-2023-52433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52433"
},
{
"name": "CVE-2022-50700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50700"
},
{
"name": "CVE-2022-50821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50821"
},
{
"name": "CVE-2024-41007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41007"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2023-54110",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54110"
},
{
"name": "CVE-2022-50816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50816"
},
{
"name": "CVE-2022-50881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50881"
},
{
"name": "CVE-2025-37744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37744"
},
{
"name": "CVE-2023-54205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54205"
},
{
"name": "CVE-2023-53866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53866"
},
{
"name": "CVE-2023-53792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53792"
},
{
"name": "CVE-2025-40256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40256"
},
{
"name": "CVE-2025-71080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71080"
},
{
"name": "CVE-2025-71142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71142"
},
{
"name": "CVE-2024-56721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56721"
},
{
"name": "CVE-2025-71136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71136"
},
{
"name": "CVE-2025-68354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68354"
},
{
"name": "CVE-2025-68801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68801"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2022-50724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50724"
},
{
"name": "CVE-2022-50633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50633"
},
{
"name": "CVE-2025-40097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40097"
},
{
"name": "CVE-2022-50859",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50859"
},
{
"name": "CVE-2022-50750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50750"
},
{
"name": "CVE-2022-50726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50726"
},
{
"name": "CVE-2022-50814",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50814"
},
{
"name": "CVE-2023-54040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54040"
},
{
"name": "CVE-2025-71138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71138"
},
{
"name": "CVE-2023-54214",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54214"
},
{
"name": "CVE-2025-40233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
},
{
"name": "CVE-2023-53148",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53148"
},
{
"name": "CVE-2023-54090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54090"
},
{
"name": "CVE-2025-40271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40271"
},
{
"name": "CVE-2023-53755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53755"
},
{
"name": "CVE-2026-22991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22991"
},
{
"name": "CVE-2023-54079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54079"
},
{
"name": "CVE-2023-54048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54048"
},
{
"name": "CVE-2023-54202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54202"
},
{
"name": "CVE-2023-54007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54007"
},
{
"name": "CVE-2023-54024",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54024"
},
{
"name": "CVE-2024-50040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50040"
},
{
"name": "CVE-2022-50781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50781"
},
{
"name": "CVE-2022-50860",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50860"
},
{
"name": "CVE-2022-50780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50780"
},
{
"name": "CVE-2022-50649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50649"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-68190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68190"
},
{
"name": "CVE-2022-50829",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50829"
},
{
"name": "CVE-2023-54064",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54064"
},
{
"name": "CVE-2023-54153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54153"
},
{
"name": "CVE-2022-50830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50830"
},
{
"name": "CVE-2022-50673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
},
{
"name": "CVE-2023-54274",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54274"
},
{
"name": "CVE-2022-50666",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50666"
},
{
"name": "CVE-2025-40238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40238"
},
{
"name": "CVE-2023-54108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54108"
},
{
"name": "CVE-2022-50745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50745"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"name": "CVE-2023-54317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54317"
},
{
"name": "CVE-2025-37813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37813"
},
{
"name": "CVE-2022-50736",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50736"
},
{
"name": "CVE-2025-40106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
},
{
"name": "CVE-2022-50740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50740"
},
{
"name": "CVE-2025-68174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68174"
},
{
"name": "CVE-2022-50329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50329"
},
{
"name": "CVE-2023-54298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54298"
},
{
"name": "CVE-2025-71093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71093"
},
{
"name": "CVE-2022-50822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50822"
},
{
"name": "CVE-2025-40136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40136"
},
{
"name": "CVE-2023-53834",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53834"
},
{
"name": "CVE-2023-54053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54053"
},
{
"name": "CVE-2022-50843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50843"
},
{
"name": "CVE-2022-50769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50769"
},
{
"name": "CVE-2025-40345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40345"
},
{
"name": "CVE-2023-54295",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54295"
},
{
"name": "CVE-2022-50752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50752"
},
{
"name": "CVE-2023-54170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54170"
},
{
"name": "CVE-2023-53781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53781"
},
{
"name": "CVE-2024-42103",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42103"
},
{
"name": "CVE-2025-68733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68733"
},
{
"name": "CVE-2026-23005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23005"
},
{
"name": "CVE-2025-68215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68215"
},
{
"name": "CVE-2025-68188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68188"
},
{
"name": "CVE-2025-71079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71079"
},
{
"name": "CVE-2023-53418",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53418"
},
{
"name": "CVE-2026-22997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22997"
},
{
"name": "CVE-2022-50716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50716"
},
{
"name": "CVE-2022-50698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50698"
},
{
"name": "CVE-2022-50844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50844"
},
{
"name": "CVE-2025-39977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39977"
},
{
"name": "CVE-2023-54045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54045"
},
{
"name": "CVE-2023-54179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54179"
},
{
"name": "CVE-2022-50773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50773"
},
{
"name": "CVE-2022-50758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50758"
},
{
"name": "CVE-2022-50848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50848"
},
{
"name": "CVE-2024-36348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36348"
},
{
"name": "CVE-2023-54289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54289"
},
{
"name": "CVE-2022-50662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50662"
},
{
"name": "CVE-2023-54177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54177"
},
{
"name": "CVE-2023-54243",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54243"
},
{
"name": "CVE-2023-54078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54078"
},
{
"name": "CVE-2022-50819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50819"
},
{
"name": "CVE-2025-71143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71143"
},
{
"name": "CVE-2025-68768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68768"
},
{
"name": "CVE-2025-71130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71130"
},
{
"name": "CVE-2023-54013",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54013"
},
{
"name": "CVE-2023-54102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54102"
},
{
"name": "CVE-2023-52983",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52983"
},
{
"name": "CVE-2025-68808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68808"
},
{
"name": "CVE-2024-27005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27005"
},
{
"name": "CVE-2024-26935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26935"
},
{
"name": "CVE-2025-68783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68783"
},
{
"name": "CVE-2025-71147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71147"
},
{
"name": "CVE-2023-53802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53802"
},
{
"name": "CVE-2022-50887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50887"
},
{
"name": "CVE-2022-50757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50757"
},
{
"name": "CVE-2022-0854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0854"
},
{
"name": "CVE-2022-50827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50827"
},
{
"name": "CVE-2023-54166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54166"
},
{
"name": "CVE-2025-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
},
{
"name": "CVE-2025-68797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68797"
},
{
"name": "CVE-2023-53820",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53820"
},
{
"name": "CVE-2023-54136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54136"
},
{
"name": "CVE-2025-38007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38007"
},
{
"name": "CVE-2025-40088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
},
{
"name": "CVE-2022-50679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50679"
},
{
"name": "CVE-2025-40220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
},
{
"name": "CVE-2025-40257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40257"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2024-26832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26832"
},
{
"name": "CVE-2026-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23006"
},
{
"name": "CVE-2022-50839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50839"
},
{
"name": "CVE-2025-71108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71108"
},
{
"name": "CVE-2023-54301",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54301"
},
{
"name": "CVE-2025-68789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68789"
},
{
"name": "CVE-2025-68312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68312"
},
{
"name": "CVE-2025-68284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68284"
},
{
"name": "CVE-2025-38379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38379"
},
{
"name": "CVE-2022-50744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50744"
},
{
"name": "CVE-2023-54277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54277"
},
{
"name": "CVE-2023-53844",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53844"
},
{
"name": "CVE-2025-68183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68183"
},
{
"name": "CVE-2025-68774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68774"
},
{
"name": "CVE-2023-54046",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54046"
},
{
"name": "CVE-2022-50717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50717"
},
{
"name": "CVE-2023-54120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54120"
},
{
"name": "CVE-2023-54026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54026"
},
{
"name": "CVE-2022-50742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50742"
},
{
"name": "CVE-2025-38656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38656"
},
{
"name": "CVE-2025-71157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71157"
},
{
"name": "CVE-2023-53783",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53783"
},
{
"name": "CVE-2024-56690",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56690"
},
{
"name": "CVE-2023-54028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54028"
},
{
"name": "CVE-2023-53858",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53858"
},
{
"name": "CVE-2023-53992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53992"
},
{
"name": "CVE-2022-50722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50722"
},
{
"name": "CVE-2022-50709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50709"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2022-50728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50728"
},
{
"name": "CVE-2022-50677",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50677"
},
{
"name": "CVE-2023-54266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54266"
},
{
"name": "CVE-2025-71082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71082"
},
{
"name": "CVE-2023-53825",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53825"
},
{
"name": "CVE-2023-54003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54003"
},
{
"name": "CVE-2025-71132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71132"
},
{
"name": "CVE-2023-54072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54072"
},
{
"name": "CVE-2025-38322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38322"
},
{
"name": "CVE-2023-54134",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54134"
},
{
"name": "CVE-2025-71077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71077"
},
{
"name": "CVE-2023-54321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54321"
},
{
"name": "CVE-2023-53744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53744"
},
{
"name": "CVE-2023-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53178"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2022-50718",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50718"
},
{
"name": "CVE-2022-50658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50658"
},
{
"name": "CVE-2023-54009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54009"
},
{
"name": "CVE-2025-71114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71114"
},
{
"name": "CVE-2022-50660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50660"
},
{
"name": "CVE-2024-50143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50143"
},
{
"name": "CVE-2025-68320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68320"
},
{
"name": "CVE-2026-22990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22990"
},
{
"name": "CVE-2022-50886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50886"
},
{
"name": "CVE-2026-23000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23000"
},
{
"name": "CVE-2023-54097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54097"
},
{
"name": "CVE-2024-53149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53149"
},
{
"name": "CVE-2022-50626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50626"
},
{
"name": "CVE-2022-50767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50767"
},
{
"name": "CVE-2023-53853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53853"
},
{
"name": "CVE-2025-68325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68325"
},
{
"name": "CVE-2022-50880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50880"
},
{
"name": "CVE-2025-71089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71089"
},
{
"name": "CVE-2022-48838",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48838"
},
{
"name": "CVE-2022-50885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50885"
},
{
"name": "CVE-2023-53766",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53766"
},
{
"name": "CVE-2022-49980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49980"
},
{
"name": "CVE-2023-53840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53840"
},
{
"name": "CVE-2025-68296",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68296"
},
{
"name": "CVE-2025-40328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40328"
},
{
"name": "CVE-2023-53464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53464"
},
{
"name": "CVE-2022-50661",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50661"
},
{
"name": "CVE-2026-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22978"
},
{
"name": "CVE-2023-54284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54284"
},
{
"name": "CVE-2022-50824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50824"
},
{
"name": "CVE-2025-71141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71141"
},
{
"name": "CVE-2025-40177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40177"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2022-50623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50623"
},
{
"name": "CVE-2025-71101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71101"
},
{
"name": "CVE-2025-40264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40264"
},
{
"name": "CVE-2026-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23001"
},
{
"name": "CVE-2025-68367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68367"
},
{
"name": "CVE-2025-68820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68820"
},
{
"name": "CVE-2023-53788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53788"
},
{
"name": "CVE-2022-50580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50580"
},
{
"name": "CVE-2023-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53215"
},
{
"name": "CVE-2023-54207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54207"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-68740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68740"
},
{
"name": "CVE-2022-50864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50864"
},
{
"name": "CVE-2023-53832",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53832"
},
{
"name": "CVE-2023-53819",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53819"
},
{
"name": "CVE-2022-50715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50715"
},
{
"name": "CVE-2022-50735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50735"
},
{
"name": "CVE-2025-68816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68816"
},
{
"name": "CVE-2025-68192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68192"
},
{
"name": "CVE-2023-54092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54092"
},
{
"name": "CVE-2025-68379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68379"
},
{
"name": "CVE-2025-68256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68256"
},
{
"name": "CVE-2025-68777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68777"
},
{
"name": "CVE-2025-68254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68254"
},
{
"name": "CVE-2025-71145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71145"
},
{
"name": "CVE-2025-68171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68171"
},
{
"name": "CVE-2023-54015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54015"
},
{
"name": "CVE-2025-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22047"
},
{
"name": "CVE-2023-54122",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54122"
},
{
"name": "CVE-2023-54119",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54119"
},
{
"name": "CVE-2022-50675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50675"
},
{
"name": "CVE-2023-54159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54159"
},
{
"name": "CVE-2022-50751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50751"
},
{
"name": "CVE-2025-71118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71118"
},
{
"name": "CVE-2023-54245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54245"
},
{
"name": "CVE-2022-50347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50347"
},
{
"name": "CVE-2023-54168",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54168"
},
{
"name": "CVE-2025-68327",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68327"
},
{
"name": "CVE-2022-50889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50889"
},
{
"name": "CVE-2023-54146",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54146"
},
{
"name": "CVE-2025-68241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68241"
},
{
"name": "CVE-2023-54118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54118"
},
{
"name": "CVE-2023-54115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54115"
},
{
"name": "CVE-2022-50699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50699"
},
{
"name": "CVE-2022-49943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49943"
},
{
"name": "CVE-2023-53990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53990"
},
{
"name": "CVE-2023-54104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54104"
},
{
"name": "CVE-2022-50870",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50870"
},
{
"name": "CVE-2023-54058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54058"
},
{
"name": "CVE-2023-52874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52874"
},
{
"name": "CVE-2025-68776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68776"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2023-53417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53417"
},
{
"name": "CVE-2026-22993",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22993"
},
{
"name": "CVE-2025-40044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
},
{
"name": "CVE-2025-71097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71097"
},
{
"name": "CVE-2023-54311",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54311"
},
{
"name": "CVE-2023-54183",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54183"
},
{
"name": "CVE-2023-54126",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54126"
},
{
"name": "CVE-2023-54326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54326"
},
{
"name": "CVE-2023-54282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54282"
},
{
"name": "CVE-2022-50697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50697"
},
{
"name": "CVE-2022-50733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50733"
},
{
"name": "CVE-2025-71111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71111"
},
{
"name": "CVE-2026-22985",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22985"
},
{
"name": "CVE-2023-54084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54084"
},
{
"name": "CVE-2025-68802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68802"
},
{
"name": "CVE-2023-54067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54067"
},
{
"name": "CVE-2022-50731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50731"
},
{
"name": "CVE-2023-54264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54264"
},
{
"name": "CVE-2025-40331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40331"
},
{
"name": "CVE-2025-68337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68337"
},
{
"name": "CVE-2023-54304",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54304"
},
{
"name": "CVE-2022-50851",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50851"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2022-50615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50615"
},
{
"name": "CVE-2025-71131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71131"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2022-50704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50704"
},
{
"name": "CVE-2023-53747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53747"
},
{
"name": "CVE-2022-50730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50730"
},
{
"name": "CVE-2022-50617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50617"
},
{
"name": "CVE-2023-54173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54173"
},
{
"name": "CVE-2023-53751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53751"
},
{
"name": "CVE-2023-53743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53743"
},
{
"name": "CVE-2022-50656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50656"
},
{
"name": "CVE-2025-71116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71116"
},
{
"name": "CVE-2023-54036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54036"
},
{
"name": "CVE-2023-54190",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54190"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2023-53842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53842"
},
{
"name": "CVE-2025-68362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68362"
},
{
"name": "CVE-2022-50823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50823"
},
{
"name": "CVE-2023-53412",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53412"
},
{
"name": "CVE-2022-50719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50719"
},
{
"name": "CVE-2022-50703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50703"
},
{
"name": "CVE-2022-50763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50763"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2022-50727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50727"
},
{
"name": "CVE-2022-50629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50629"
},
{
"name": "CVE-2022-50872",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50872"
},
{
"name": "CVE-2025-40280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40280"
},
{
"name": "CVE-2025-71162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71162"
},
{
"name": "CVE-2023-54127",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54127"
},
{
"name": "CVE-2025-68803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68803"
},
{
"name": "CVE-2026-22996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22996"
},
{
"name": "CVE-2023-54197",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54197"
},
{
"name": "CVE-2023-54244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54244"
},
{
"name": "CVE-2022-50865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50865"
},
{
"name": "CVE-2026-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22976"
},
{
"name": "CVE-2023-54319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54319"
},
{
"name": "CVE-2025-68305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68305"
},
{
"name": "CVE-2022-50845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50845"
},
{
"name": "CVE-2022-50754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50754"
},
{
"name": "CVE-2023-54140",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54140"
},
{
"name": "CVE-2022-50856",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50856"
},
{
"name": "CVE-2025-68775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68775"
},
{
"name": "CVE-2025-71112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71112"
},
{
"name": "CVE-2023-54055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54055"
},
{
"name": "CVE-2023-54025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54025"
},
{
"name": "CVE-2023-53991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53991"
},
{
"name": "CVE-2022-50861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50861"
},
{
"name": "CVE-2022-50882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50882"
},
{
"name": "CVE-2023-54300",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54300"
},
{
"name": "CVE-2025-39880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
},
{
"name": "CVE-2023-54042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54042"
},
{
"name": "CVE-2022-50832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50832"
},
{
"name": "CVE-2022-50638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50638"
},
{
"name": "CVE-2023-52525",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52525"
},
{
"name": "CVE-2023-54302",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54302"
},
{
"name": "CVE-2023-53811",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53811"
},
{
"name": "CVE-2023-54051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54051"
},
{
"name": "CVE-2023-54286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54286"
},
{
"name": "CVE-2023-54269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54269"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-53808",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53808"
},
{
"name": "CVE-2022-50849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50849"
},
{
"name": "CVE-2025-68366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68366"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2022-50760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50760"
},
{
"name": "CVE-2023-54014",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54014"
},
{
"name": "CVE-2025-68815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68815"
},
{
"name": "CVE-2022-50858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50858"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2022-50888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50888"
},
{
"name": "CVE-2025-71163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71163"
},
{
"name": "CVE-2024-36350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36350"
},
{
"name": "CVE-2025-71096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71096"
},
{
"name": "CVE-2025-71099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71099"
},
{
"name": "CVE-2025-71095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71095"
},
{
"name": "CVE-2022-50640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50640"
},
{
"name": "CVE-2025-68771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68771"
},
{
"name": "CVE-2025-68363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68363"
},
{
"name": "CVE-2022-50747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50747"
},
{
"name": "CVE-2026-22984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22984"
},
{
"name": "CVE-2025-68303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68303"
},
{
"name": "CVE-2025-40259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40259"
},
{
"name": "CVE-2024-36349",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36349"
},
{
"name": "CVE-2023-53226",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53226"
},
{
"name": "CVE-2023-53827",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53827"
},
{
"name": "CVE-2025-68757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68757"
},
{
"name": "CVE-2023-54293",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54293"
},
{
"name": "CVE-2022-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50782"
},
{
"name": "CVE-2026-22977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22977"
},
{
"name": "CVE-2022-50826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50826"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-50635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50635"
},
{
"name": "CVE-2023-53746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53746"
},
{
"name": "CVE-2023-54171",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54171"
},
{
"name": "CVE-2022-50749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50749"
},
{
"name": "CVE-2022-50618",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50618"
},
{
"name": "CVE-2023-54218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54218"
},
{
"name": "CVE-2025-71123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71123"
},
{
"name": "CVE-2022-50678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50678"
},
{
"name": "CVE-2025-38684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
},
{
"name": "CVE-2025-71100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71100"
},
{
"name": "CVE-2025-68372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68372"
},
{
"name": "CVE-2026-23010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23010"
},
{
"name": "CVE-2023-53850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53850"
},
{
"name": "CVE-2025-38209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38209"
},
{
"name": "CVE-2025-71137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71137"
},
{
"name": "CVE-2023-53998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53998"
},
{
"name": "CVE-2025-68301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
},
{
"name": "CVE-2026-23011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23011"
},
{
"name": "CVE-2023-54242",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54242"
},
{
"name": "CVE-2025-40363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40363"
},
{
"name": "CVE-2023-53852",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53852"
},
{
"name": "CVE-2022-50777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50777"
},
{
"name": "CVE-2025-71156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71156"
},
{
"name": "CVE-2023-53862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53862"
},
{
"name": "CVE-2026-22988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22988"
},
{
"name": "CVE-2022-50664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50664"
},
{
"name": "CVE-2023-50756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50756"
},
{
"name": "CVE-2022-50643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50643"
},
{
"name": "CVE-2025-68245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68245"
},
{
"name": "CVE-2023-53254",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53254"
},
{
"name": "CVE-2023-54020",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54020"
},
{
"name": "CVE-2023-53996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53996"
},
{
"name": "CVE-2023-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52999"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2025-71119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71119"
},
{
"name": "CVE-2023-54130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54130"
},
{
"name": "CVE-2022-50625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50625"
},
{
"name": "CVE-2023-54012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54012"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2024-44987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
},
{
"name": "CVE-2025-38539",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38539"
},
{
"name": "CVE-2025-40181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40181"
},
{
"name": "CVE-2023-54292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54292"
},
{
"name": "CVE-2025-40132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40132"
},
{
"name": "CVE-2022-50232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50232"
},
{
"name": "CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"name": "CVE-2025-68798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68798"
},
{
"name": "CVE-2023-54294",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54294"
},
{
"name": "CVE-2023-53794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53794"
},
{
"name": "CVE-2025-68178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68178"
},
{
"name": "CVE-2022-50614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50614"
},
{
"name": "CVE-2023-54050",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54050"
},
{
"name": "CVE-2022-50828",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50828"
},
{
"name": "CVE-2025-39813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39813"
},
{
"name": "CVE-2025-68819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68819"
},
{
"name": "CVE-2022-50670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50670"
},
{
"name": "CVE-2022-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50868"
},
{
"name": "CVE-2025-40261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40261"
},
{
"name": "CVE-2023-54287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54287"
},
{
"name": "CVE-2025-68732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68732"
},
{
"name": "CVE-2022-50876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50876"
},
{
"name": "CVE-2025-40323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40323"
},
{
"name": "CVE-2025-68285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68285"
},
{
"name": "CVE-2022-50652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50652"
},
{
"name": "CVE-2022-50732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50732"
},
{
"name": "CVE-2023-54198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54198"
},
{
"name": "CVE-2022-50671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50671"
},
{
"name": "CVE-2023-54047",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54047"
},
{
"name": "CVE-2022-50653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50653"
},
{
"name": "CVE-2023-54252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54252"
},
{
"name": "CVE-2023-54019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54019"
},
{
"name": "CVE-2023-54123",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54123"
},
{
"name": "CVE-2023-54236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54236"
},
{
"name": "CVE-2025-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39829"
},
{
"name": "CVE-2025-71091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71091"
},
{
"name": "CVE-2022-50835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50835"
},
{
"name": "CVE-2023-54189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54189"
},
{
"name": "CVE-2025-68227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68227"
},
{
"name": "CVE-2025-40339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40339"
},
{
"name": "CVE-2023-54260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54260"
},
{
"name": "CVE-2022-50884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50884"
},
{
"name": "CVE-2023-54230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54230"
},
{
"name": "CVE-2022-50786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50786"
},
{
"name": "CVE-2025-68800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68800"
},
{
"name": "CVE-2025-68261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68261"
},
{
"name": "CVE-2023-54299",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54299"
},
{
"name": "CVE-2025-71149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71149"
},
{
"name": "CVE-2025-68767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68767"
},
{
"name": "CVE-2023-53830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53830"
},
{
"name": "CVE-2025-40142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40142"
},
{
"name": "CVE-2022-50850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50850"
},
{
"name": "CVE-2023-54219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54219"
},
{
"name": "CVE-2025-68727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68727"
},
{
"name": "CVE-2023-53847",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53847"
},
{
"name": "CVE-2025-39836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39836"
},
{
"name": "CVE-2023-54325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54325"
},
{
"name": "CVE-2023-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54121"
},
{
"name": "CVE-2022-50770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50770"
},
{
"name": "CVE-2025-68264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68264"
},
{
"name": "CVE-2025-40087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
},
{
"name": "CVE-2022-50755",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50755"
},
{
"name": "CVE-2025-68764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68764"
}
],
"initial_release_date": "2026-02-13T00:00:00",
"last_revision_date": "2026-02-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0170",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0472-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260472-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0471-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260471-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0474-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260474-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0473-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260473-1"
},
{
"published_at": "2026-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0411-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260411-1"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0447-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260447-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0475-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260475-1"
}
]
}
CERTFR-2026-AVI-0170
Vulnerability from certfr_avis - Published: 2026-02-13 - Updated: 2026-02-13
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | N/A | Public Cloud Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | Legacy Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Desktop 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 | ||
| SUSE | N/A | Development Tools Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.3 | ||
| SUSE | N/A | Basesystem Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-50669",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50669"
},
{
"name": "CVE-2024-36903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
},
{
"name": "CVE-2023-53761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53761"
},
{
"name": "CVE-2023-53814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53814"
},
{
"name": "CVE-2025-40166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40166"
},
{
"name": "CVE-2023-53407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53407"
},
{
"name": "CVE-2023-54076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54076"
},
{
"name": "CVE-2023-54208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54208"
},
{
"name": "CVE-2023-53714",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53714"
},
{
"name": "CVE-2023-54039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54039"
},
{
"name": "CVE-2023-53804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53804"
},
{
"name": "CVE-2025-71086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71086"
},
{
"name": "CVE-2023-53863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53863"
},
{
"name": "CVE-2023-54131",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54131"
},
{
"name": "CVE-2023-54142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54142"
},
{
"name": "CVE-2022-50779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50779"
},
{
"name": "CVE-2023-54111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54111"
},
{
"name": "CVE-2023-54186",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54186"
},
{
"name": "CVE-2025-68286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68286"
},
{
"name": "CVE-2023-53803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53803"
},
{
"name": "CVE-2022-50641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50641"
},
{
"name": "CVE-2025-71094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71094"
},
{
"name": "CVE-2023-53754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53754"
},
{
"name": "CVE-2025-68788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68788"
},
{
"name": "CVE-2023-54091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54091"
},
{
"name": "CVE-2023-54083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54083"
},
{
"name": "CVE-2023-54280",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54280"
},
{
"name": "CVE-2022-50834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50834"
},
{
"name": "CVE-2022-50809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50809"
},
{
"name": "CVE-2023-54270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54270"
},
{
"name": "CVE-2023-53685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53685"
},
{
"name": "CVE-2022-50488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50488"
},
{
"name": "CVE-2025-37751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37751"
},
{
"name": "CVE-2025-40254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40254"
},
{
"name": "CVE-2023-54021",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54021"
},
{
"name": "CVE-2025-71064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71064"
},
{
"name": "CVE-2023-54201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54201"
},
{
"name": "CVE-2025-68200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68200"
},
{
"name": "CVE-2025-68725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68725"
},
{
"name": "CVE-2025-68795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68795"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2023-54265",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54265"
},
{
"name": "CVE-2022-50630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50630"
},
{
"name": "CVE-2022-50672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50672"
},
{
"name": "CVE-2023-54309",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54309"
},
{
"name": "CVE-2022-50776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50776"
},
{
"name": "CVE-2026-22992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22992"
},
{
"name": "CVE-2023-54018",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54018"
},
{
"name": "CVE-2023-54271",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54271"
},
{
"name": "CVE-2022-50702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50702"
},
{
"name": "CVE-2023-53786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53786"
},
{
"name": "CVE-2025-68728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68728"
},
{
"name": "CVE-2025-71087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71087"
},
{
"name": "CVE-2022-50761",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50761"
},
{
"name": "CVE-2022-50866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50866"
},
{
"name": "CVE-2025-40019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
},
{
"name": "CVE-2023-54112",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54112"
},
{
"name": "CVE-2025-71135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71135"
},
{
"name": "CVE-2022-50676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50676"
},
{
"name": "CVE-2023-53845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53845"
},
{
"name": "CVE-2025-68773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68773"
},
{
"name": "CVE-2025-71133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71133"
},
{
"name": "CVE-2022-50622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50622"
},
{
"name": "CVE-2023-54095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54095"
},
{
"name": "CVE-2025-68297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68297"
},
{
"name": "CVE-2022-50646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50646"
},
{
"name": "CVE-2022-50853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50853"
},
{
"name": "CVE-2025-68804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68804"
},
{
"name": "CVE-2025-40139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40139"
},
{
"name": "CVE-2023-54100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54100"
},
{
"name": "CVE-2025-40350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40350"
},
{
"name": "CVE-2025-71088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71088"
},
{
"name": "CVE-2025-38243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38243"
},
{
"name": "CVE-2023-54001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54001"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2022-50619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50619"
},
{
"name": "CVE-2025-21658",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21658"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2023-54213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54213"
},
{
"name": "CVE-2023-54096",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54096"
},
{
"name": "CVE-2022-50636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50636"
},
{
"name": "CVE-2025-39913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-71098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71098"
},
{
"name": "CVE-2025-71078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71078"
},
{
"name": "CVE-2025-40355",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40355"
},
{
"name": "CVE-2023-53837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53837"
},
{
"name": "CVE-2023-54049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54049"
},
{
"name": "CVE-2024-36357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36357"
},
{
"name": "CVE-2025-71083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71083"
},
{
"name": "CVE-2025-40115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
},
{
"name": "CVE-2024-54031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54031"
},
{
"name": "CVE-2025-68813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68813"
},
{
"name": "CVE-2023-54315",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54315"
},
{
"name": "CVE-2023-54010",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54010"
},
{
"name": "CVE-2022-50774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50774"
},
{
"name": "CVE-2025-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39689"
},
{
"name": "CVE-2022-50878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50878"
},
{
"name": "CVE-2025-68365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68365"
},
{
"name": "CVE-2023-54211",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54211"
},
{
"name": "CVE-2022-50836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50836"
},
{
"name": "CVE-2025-71085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71085"
},
{
"name": "CVE-2023-54156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54156"
},
{
"name": "CVE-2022-50644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50644"
},
{
"name": "CVE-2022-50846",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50846"
},
{
"name": "CVE-2023-54098",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54098"
},
{
"name": "CVE-2025-71076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71076"
},
{
"name": "CVE-2022-50842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50842"
},
{
"name": "CVE-2025-71154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71154"
},
{
"name": "CVE-2023-54275",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54275"
},
{
"name": "CVE-2023-52923",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52923"
},
{
"name": "CVE-2025-40198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40198"
},
{
"name": "CVE-2022-50668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50668"
},
{
"name": "CVE-2023-53818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53818"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2025-71084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71084"
},
{
"name": "CVE-2022-50840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50840"
},
{
"name": "CVE-2023-54305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54305"
},
{
"name": "CVE-2022-50756",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50756"
},
{
"name": "CVE-2023-54150",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54150"
},
{
"name": "CVE-2023-54199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54199"
},
{
"name": "CVE-2025-68770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68770"
},
{
"name": "CVE-2025-40202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40202"
},
{
"name": "CVE-2025-68814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68814"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2024-26581",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26581"
},
{
"name": "CVE-2025-71081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71081"
},
{
"name": "CVE-2023-52433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52433"
},
{
"name": "CVE-2022-50700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50700"
},
{
"name": "CVE-2022-50821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50821"
},
{
"name": "CVE-2024-41007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41007"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2023-54110",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54110"
},
{
"name": "CVE-2022-50816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50816"
},
{
"name": "CVE-2022-50881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50881"
},
{
"name": "CVE-2025-37744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37744"
},
{
"name": "CVE-2023-54205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54205"
},
{
"name": "CVE-2023-53866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53866"
},
{
"name": "CVE-2023-53792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53792"
},
{
"name": "CVE-2025-40256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40256"
},
{
"name": "CVE-2025-71080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71080"
},
{
"name": "CVE-2025-71142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71142"
},
{
"name": "CVE-2024-56721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56721"
},
{
"name": "CVE-2025-71136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71136"
},
{
"name": "CVE-2025-68354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68354"
},
{
"name": "CVE-2025-68801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68801"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2022-50724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50724"
},
{
"name": "CVE-2022-50633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50633"
},
{
"name": "CVE-2025-40097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40097"
},
{
"name": "CVE-2022-50859",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50859"
},
{
"name": "CVE-2022-50750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50750"
},
{
"name": "CVE-2022-50726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50726"
},
{
"name": "CVE-2022-50814",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50814"
},
{
"name": "CVE-2023-54040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54040"
},
{
"name": "CVE-2025-71138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71138"
},
{
"name": "CVE-2023-54214",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54214"
},
{
"name": "CVE-2025-40233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
},
{
"name": "CVE-2023-53148",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53148"
},
{
"name": "CVE-2023-54090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54090"
},
{
"name": "CVE-2025-40271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40271"
},
{
"name": "CVE-2023-53755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53755"
},
{
"name": "CVE-2026-22991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22991"
},
{
"name": "CVE-2023-54079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54079"
},
{
"name": "CVE-2023-54048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54048"
},
{
"name": "CVE-2023-54202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54202"
},
{
"name": "CVE-2023-54007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54007"
},
{
"name": "CVE-2023-54024",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54024"
},
{
"name": "CVE-2024-50040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50040"
},
{
"name": "CVE-2022-50781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50781"
},
{
"name": "CVE-2022-50860",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50860"
},
{
"name": "CVE-2022-50780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50780"
},
{
"name": "CVE-2022-50649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50649"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-68190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68190"
},
{
"name": "CVE-2022-50829",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50829"
},
{
"name": "CVE-2023-54064",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54064"
},
{
"name": "CVE-2023-54153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54153"
},
{
"name": "CVE-2022-50830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50830"
},
{
"name": "CVE-2022-50673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
},
{
"name": "CVE-2023-54274",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54274"
},
{
"name": "CVE-2022-50666",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50666"
},
{
"name": "CVE-2025-40238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40238"
},
{
"name": "CVE-2023-54108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54108"
},
{
"name": "CVE-2022-50745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50745"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"name": "CVE-2023-54317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54317"
},
{
"name": "CVE-2025-37813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37813"
},
{
"name": "CVE-2022-50736",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50736"
},
{
"name": "CVE-2025-40106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
},
{
"name": "CVE-2022-50740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50740"
},
{
"name": "CVE-2025-68174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68174"
},
{
"name": "CVE-2022-50329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50329"
},
{
"name": "CVE-2023-54298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54298"
},
{
"name": "CVE-2025-71093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71093"
},
{
"name": "CVE-2022-50822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50822"
},
{
"name": "CVE-2025-40136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40136"
},
{
"name": "CVE-2023-53834",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53834"
},
{
"name": "CVE-2023-54053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54053"
},
{
"name": "CVE-2022-50843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50843"
},
{
"name": "CVE-2022-50769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50769"
},
{
"name": "CVE-2025-40345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40345"
},
{
"name": "CVE-2023-54295",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54295"
},
{
"name": "CVE-2022-50752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50752"
},
{
"name": "CVE-2023-54170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54170"
},
{
"name": "CVE-2023-53781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53781"
},
{
"name": "CVE-2024-42103",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42103"
},
{
"name": "CVE-2025-68733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68733"
},
{
"name": "CVE-2026-23005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23005"
},
{
"name": "CVE-2025-68215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68215"
},
{
"name": "CVE-2025-68188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68188"
},
{
"name": "CVE-2025-71079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71079"
},
{
"name": "CVE-2023-53418",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53418"
},
{
"name": "CVE-2026-22997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22997"
},
{
"name": "CVE-2022-50716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50716"
},
{
"name": "CVE-2022-50698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50698"
},
{
"name": "CVE-2022-50844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50844"
},
{
"name": "CVE-2025-39977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39977"
},
{
"name": "CVE-2023-54045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54045"
},
{
"name": "CVE-2023-54179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54179"
},
{
"name": "CVE-2022-50773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50773"
},
{
"name": "CVE-2022-50758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50758"
},
{
"name": "CVE-2022-50848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50848"
},
{
"name": "CVE-2024-36348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36348"
},
{
"name": "CVE-2023-54289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54289"
},
{
"name": "CVE-2022-50662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50662"
},
{
"name": "CVE-2023-54177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54177"
},
{
"name": "CVE-2023-54243",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54243"
},
{
"name": "CVE-2023-54078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54078"
},
{
"name": "CVE-2022-50819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50819"
},
{
"name": "CVE-2025-71143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71143"
},
{
"name": "CVE-2025-68768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68768"
},
{
"name": "CVE-2025-71130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71130"
},
{
"name": "CVE-2023-54013",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54013"
},
{
"name": "CVE-2023-54102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54102"
},
{
"name": "CVE-2023-52983",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52983"
},
{
"name": "CVE-2025-68808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68808"
},
{
"name": "CVE-2024-27005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27005"
},
{
"name": "CVE-2024-26935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26935"
},
{
"name": "CVE-2025-68783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68783"
},
{
"name": "CVE-2025-71147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71147"
},
{
"name": "CVE-2023-53802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53802"
},
{
"name": "CVE-2022-50887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50887"
},
{
"name": "CVE-2022-50757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50757"
},
{
"name": "CVE-2022-0854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0854"
},
{
"name": "CVE-2022-50827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50827"
},
{
"name": "CVE-2023-54166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54166"
},
{
"name": "CVE-2025-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
},
{
"name": "CVE-2025-68797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68797"
},
{
"name": "CVE-2023-53820",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53820"
},
{
"name": "CVE-2023-54136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54136"
},
{
"name": "CVE-2025-38007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38007"
},
{
"name": "CVE-2025-40088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
},
{
"name": "CVE-2022-50679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50679"
},
{
"name": "CVE-2025-40220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
},
{
"name": "CVE-2025-40257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40257"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2024-26832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26832"
},
{
"name": "CVE-2026-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23006"
},
{
"name": "CVE-2022-50839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50839"
},
{
"name": "CVE-2025-71108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71108"
},
{
"name": "CVE-2023-54301",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54301"
},
{
"name": "CVE-2025-68789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68789"
},
{
"name": "CVE-2025-68312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68312"
},
{
"name": "CVE-2025-68284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68284"
},
{
"name": "CVE-2025-38379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38379"
},
{
"name": "CVE-2022-50744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50744"
},
{
"name": "CVE-2023-54277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54277"
},
{
"name": "CVE-2023-53844",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53844"
},
{
"name": "CVE-2025-68183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68183"
},
{
"name": "CVE-2025-68774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68774"
},
{
"name": "CVE-2023-54046",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54046"
},
{
"name": "CVE-2022-50717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50717"
},
{
"name": "CVE-2023-54120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54120"
},
{
"name": "CVE-2023-54026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54026"
},
{
"name": "CVE-2022-50742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50742"
},
{
"name": "CVE-2025-38656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38656"
},
{
"name": "CVE-2025-71157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71157"
},
{
"name": "CVE-2023-53783",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53783"
},
{
"name": "CVE-2024-56690",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56690"
},
{
"name": "CVE-2023-54028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54028"
},
{
"name": "CVE-2023-53858",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53858"
},
{
"name": "CVE-2023-53992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53992"
},
{
"name": "CVE-2022-50722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50722"
},
{
"name": "CVE-2022-50709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50709"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2022-50728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50728"
},
{
"name": "CVE-2022-50677",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50677"
},
{
"name": "CVE-2023-54266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54266"
},
{
"name": "CVE-2025-71082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71082"
},
{
"name": "CVE-2023-53825",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53825"
},
{
"name": "CVE-2023-54003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54003"
},
{
"name": "CVE-2025-71132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71132"
},
{
"name": "CVE-2023-54072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54072"
},
{
"name": "CVE-2025-38322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38322"
},
{
"name": "CVE-2023-54134",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54134"
},
{
"name": "CVE-2025-71077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71077"
},
{
"name": "CVE-2023-54321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54321"
},
{
"name": "CVE-2023-53744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53744"
},
{
"name": "CVE-2023-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53178"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2022-50718",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50718"
},
{
"name": "CVE-2022-50658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50658"
},
{
"name": "CVE-2023-54009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54009"
},
{
"name": "CVE-2025-71114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71114"
},
{
"name": "CVE-2022-50660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50660"
},
{
"name": "CVE-2024-50143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50143"
},
{
"name": "CVE-2025-68320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68320"
},
{
"name": "CVE-2026-22990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22990"
},
{
"name": "CVE-2022-50886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50886"
},
{
"name": "CVE-2026-23000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23000"
},
{
"name": "CVE-2023-54097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54097"
},
{
"name": "CVE-2024-53149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53149"
},
{
"name": "CVE-2022-50626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50626"
},
{
"name": "CVE-2022-50767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50767"
},
{
"name": "CVE-2023-53853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53853"
},
{
"name": "CVE-2025-68325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68325"
},
{
"name": "CVE-2022-50880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50880"
},
{
"name": "CVE-2025-71089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71089"
},
{
"name": "CVE-2022-48838",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48838"
},
{
"name": "CVE-2022-50885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50885"
},
{
"name": "CVE-2023-53766",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53766"
},
{
"name": "CVE-2022-49980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49980"
},
{
"name": "CVE-2023-53840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53840"
},
{
"name": "CVE-2025-68296",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68296"
},
{
"name": "CVE-2025-40328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40328"
},
{
"name": "CVE-2023-53464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53464"
},
{
"name": "CVE-2022-50661",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50661"
},
{
"name": "CVE-2026-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22978"
},
{
"name": "CVE-2023-54284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54284"
},
{
"name": "CVE-2022-50824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50824"
},
{
"name": "CVE-2025-71141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71141"
},
{
"name": "CVE-2025-40177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40177"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2022-50623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50623"
},
{
"name": "CVE-2025-71101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71101"
},
{
"name": "CVE-2025-40264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40264"
},
{
"name": "CVE-2026-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23001"
},
{
"name": "CVE-2025-68367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68367"
},
{
"name": "CVE-2025-68820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68820"
},
{
"name": "CVE-2023-53788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53788"
},
{
"name": "CVE-2022-50580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50580"
},
{
"name": "CVE-2023-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53215"
},
{
"name": "CVE-2023-54207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54207"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-68740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68740"
},
{
"name": "CVE-2022-50864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50864"
},
{
"name": "CVE-2023-53832",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53832"
},
{
"name": "CVE-2023-53819",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53819"
},
{
"name": "CVE-2022-50715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50715"
},
{
"name": "CVE-2022-50735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50735"
},
{
"name": "CVE-2025-68816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68816"
},
{
"name": "CVE-2025-68192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68192"
},
{
"name": "CVE-2023-54092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54092"
},
{
"name": "CVE-2025-68379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68379"
},
{
"name": "CVE-2025-68256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68256"
},
{
"name": "CVE-2025-68777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68777"
},
{
"name": "CVE-2025-68254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68254"
},
{
"name": "CVE-2025-71145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71145"
},
{
"name": "CVE-2025-68171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68171"
},
{
"name": "CVE-2023-54015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54015"
},
{
"name": "CVE-2025-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22047"
},
{
"name": "CVE-2023-54122",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54122"
},
{
"name": "CVE-2023-54119",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54119"
},
{
"name": "CVE-2022-50675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50675"
},
{
"name": "CVE-2023-54159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54159"
},
{
"name": "CVE-2022-50751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50751"
},
{
"name": "CVE-2025-71118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71118"
},
{
"name": "CVE-2023-54245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54245"
},
{
"name": "CVE-2022-50347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50347"
},
{
"name": "CVE-2023-54168",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54168"
},
{
"name": "CVE-2025-68327",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68327"
},
{
"name": "CVE-2022-50889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50889"
},
{
"name": "CVE-2023-54146",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54146"
},
{
"name": "CVE-2025-68241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68241"
},
{
"name": "CVE-2023-54118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54118"
},
{
"name": "CVE-2023-54115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54115"
},
{
"name": "CVE-2022-50699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50699"
},
{
"name": "CVE-2022-49943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49943"
},
{
"name": "CVE-2023-53990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53990"
},
{
"name": "CVE-2023-54104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54104"
},
{
"name": "CVE-2022-50870",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50870"
},
{
"name": "CVE-2023-54058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54058"
},
{
"name": "CVE-2023-52874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52874"
},
{
"name": "CVE-2025-68776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68776"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2023-53417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53417"
},
{
"name": "CVE-2026-22993",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22993"
},
{
"name": "CVE-2025-40044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
},
{
"name": "CVE-2025-71097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71097"
},
{
"name": "CVE-2023-54311",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54311"
},
{
"name": "CVE-2023-54183",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54183"
},
{
"name": "CVE-2023-54126",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54126"
},
{
"name": "CVE-2023-54326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54326"
},
{
"name": "CVE-2023-54282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54282"
},
{
"name": "CVE-2022-50697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50697"
},
{
"name": "CVE-2022-50733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50733"
},
{
"name": "CVE-2025-71111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71111"
},
{
"name": "CVE-2026-22985",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22985"
},
{
"name": "CVE-2023-54084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54084"
},
{
"name": "CVE-2025-68802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68802"
},
{
"name": "CVE-2023-54067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54067"
},
{
"name": "CVE-2022-50731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50731"
},
{
"name": "CVE-2023-54264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54264"
},
{
"name": "CVE-2025-40331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40331"
},
{
"name": "CVE-2025-68337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68337"
},
{
"name": "CVE-2023-54304",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54304"
},
{
"name": "CVE-2022-50851",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50851"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2022-50615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50615"
},
{
"name": "CVE-2025-71131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71131"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2022-50704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50704"
},
{
"name": "CVE-2023-53747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53747"
},
{
"name": "CVE-2022-50730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50730"
},
{
"name": "CVE-2022-50617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50617"
},
{
"name": "CVE-2023-54173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54173"
},
{
"name": "CVE-2023-53751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53751"
},
{
"name": "CVE-2023-53743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53743"
},
{
"name": "CVE-2022-50656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50656"
},
{
"name": "CVE-2025-71116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71116"
},
{
"name": "CVE-2023-54036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54036"
},
{
"name": "CVE-2023-54190",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54190"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2023-53842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53842"
},
{
"name": "CVE-2025-68362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68362"
},
{
"name": "CVE-2022-50823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50823"
},
{
"name": "CVE-2023-53412",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53412"
},
{
"name": "CVE-2022-50719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50719"
},
{
"name": "CVE-2022-50703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50703"
},
{
"name": "CVE-2022-50763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50763"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2022-50727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50727"
},
{
"name": "CVE-2022-50629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50629"
},
{
"name": "CVE-2022-50872",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50872"
},
{
"name": "CVE-2025-40280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40280"
},
{
"name": "CVE-2025-71162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71162"
},
{
"name": "CVE-2023-54127",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54127"
},
{
"name": "CVE-2025-68803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68803"
},
{
"name": "CVE-2026-22996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22996"
},
{
"name": "CVE-2023-54197",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54197"
},
{
"name": "CVE-2023-54244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54244"
},
{
"name": "CVE-2022-50865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50865"
},
{
"name": "CVE-2026-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22976"
},
{
"name": "CVE-2023-54319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54319"
},
{
"name": "CVE-2025-68305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68305"
},
{
"name": "CVE-2022-50845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50845"
},
{
"name": "CVE-2022-50754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50754"
},
{
"name": "CVE-2023-54140",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54140"
},
{
"name": "CVE-2022-50856",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50856"
},
{
"name": "CVE-2025-68775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68775"
},
{
"name": "CVE-2025-71112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71112"
},
{
"name": "CVE-2023-54055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54055"
},
{
"name": "CVE-2023-54025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54025"
},
{
"name": "CVE-2023-53991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53991"
},
{
"name": "CVE-2022-50861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50861"
},
{
"name": "CVE-2022-50882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50882"
},
{
"name": "CVE-2023-54300",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54300"
},
{
"name": "CVE-2025-39880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
},
{
"name": "CVE-2023-54042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54042"
},
{
"name": "CVE-2022-50832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50832"
},
{
"name": "CVE-2022-50638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50638"
},
{
"name": "CVE-2023-52525",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52525"
},
{
"name": "CVE-2023-54302",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54302"
},
{
"name": "CVE-2023-53811",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53811"
},
{
"name": "CVE-2023-54051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54051"
},
{
"name": "CVE-2023-54286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54286"
},
{
"name": "CVE-2023-54269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54269"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-53808",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53808"
},
{
"name": "CVE-2022-50849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50849"
},
{
"name": "CVE-2025-68366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68366"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2022-50760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50760"
},
{
"name": "CVE-2023-54014",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54014"
},
{
"name": "CVE-2025-68815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68815"
},
{
"name": "CVE-2022-50858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50858"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2022-50888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50888"
},
{
"name": "CVE-2025-71163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71163"
},
{
"name": "CVE-2024-36350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36350"
},
{
"name": "CVE-2025-71096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71096"
},
{
"name": "CVE-2025-71099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71099"
},
{
"name": "CVE-2025-71095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71095"
},
{
"name": "CVE-2022-50640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50640"
},
{
"name": "CVE-2025-68771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68771"
},
{
"name": "CVE-2025-68363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68363"
},
{
"name": "CVE-2022-50747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50747"
},
{
"name": "CVE-2026-22984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22984"
},
{
"name": "CVE-2025-68303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68303"
},
{
"name": "CVE-2025-40259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40259"
},
{
"name": "CVE-2024-36349",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36349"
},
{
"name": "CVE-2023-53226",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53226"
},
{
"name": "CVE-2023-53827",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53827"
},
{
"name": "CVE-2025-68757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68757"
},
{
"name": "CVE-2023-54293",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54293"
},
{
"name": "CVE-2022-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50782"
},
{
"name": "CVE-2026-22977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22977"
},
{
"name": "CVE-2022-50826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50826"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-50635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50635"
},
{
"name": "CVE-2023-53746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53746"
},
{
"name": "CVE-2023-54171",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54171"
},
{
"name": "CVE-2022-50749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50749"
},
{
"name": "CVE-2022-50618",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50618"
},
{
"name": "CVE-2023-54218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54218"
},
{
"name": "CVE-2025-71123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71123"
},
{
"name": "CVE-2022-50678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50678"
},
{
"name": "CVE-2025-38684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
},
{
"name": "CVE-2025-71100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71100"
},
{
"name": "CVE-2025-68372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68372"
},
{
"name": "CVE-2026-23010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23010"
},
{
"name": "CVE-2023-53850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53850"
},
{
"name": "CVE-2025-38209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38209"
},
{
"name": "CVE-2025-71137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71137"
},
{
"name": "CVE-2023-53998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53998"
},
{
"name": "CVE-2025-68301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
},
{
"name": "CVE-2026-23011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23011"
},
{
"name": "CVE-2023-54242",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54242"
},
{
"name": "CVE-2025-40363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40363"
},
{
"name": "CVE-2023-53852",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53852"
},
{
"name": "CVE-2022-50777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50777"
},
{
"name": "CVE-2025-71156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71156"
},
{
"name": "CVE-2023-53862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53862"
},
{
"name": "CVE-2026-22988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22988"
},
{
"name": "CVE-2022-50664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50664"
},
{
"name": "CVE-2023-50756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50756"
},
{
"name": "CVE-2022-50643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50643"
},
{
"name": "CVE-2025-68245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68245"
},
{
"name": "CVE-2023-53254",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53254"
},
{
"name": "CVE-2023-54020",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54020"
},
{
"name": "CVE-2023-53996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53996"
},
{
"name": "CVE-2023-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52999"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2025-71119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71119"
},
{
"name": "CVE-2023-54130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54130"
},
{
"name": "CVE-2022-50625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50625"
},
{
"name": "CVE-2023-54012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54012"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2024-44987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
},
{
"name": "CVE-2025-38539",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38539"
},
{
"name": "CVE-2025-40181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40181"
},
{
"name": "CVE-2023-54292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54292"
},
{
"name": "CVE-2025-40132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40132"
},
{
"name": "CVE-2022-50232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50232"
},
{
"name": "CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"name": "CVE-2025-68798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68798"
},
{
"name": "CVE-2023-54294",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54294"
},
{
"name": "CVE-2023-53794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53794"
},
{
"name": "CVE-2025-68178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68178"
},
{
"name": "CVE-2022-50614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50614"
},
{
"name": "CVE-2023-54050",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54050"
},
{
"name": "CVE-2022-50828",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50828"
},
{
"name": "CVE-2025-39813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39813"
},
{
"name": "CVE-2025-68819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68819"
},
{
"name": "CVE-2022-50670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50670"
},
{
"name": "CVE-2022-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50868"
},
{
"name": "CVE-2025-40261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40261"
},
{
"name": "CVE-2023-54287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54287"
},
{
"name": "CVE-2025-68732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68732"
},
{
"name": "CVE-2022-50876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50876"
},
{
"name": "CVE-2025-40323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40323"
},
{
"name": "CVE-2025-68285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68285"
},
{
"name": "CVE-2022-50652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50652"
},
{
"name": "CVE-2022-50732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50732"
},
{
"name": "CVE-2023-54198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54198"
},
{
"name": "CVE-2022-50671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50671"
},
{
"name": "CVE-2023-54047",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54047"
},
{
"name": "CVE-2022-50653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50653"
},
{
"name": "CVE-2023-54252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54252"
},
{
"name": "CVE-2023-54019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54019"
},
{
"name": "CVE-2023-54123",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54123"
},
{
"name": "CVE-2023-54236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54236"
},
{
"name": "CVE-2025-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39829"
},
{
"name": "CVE-2025-71091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71091"
},
{
"name": "CVE-2022-50835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50835"
},
{
"name": "CVE-2023-54189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54189"
},
{
"name": "CVE-2025-68227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68227"
},
{
"name": "CVE-2025-40339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40339"
},
{
"name": "CVE-2023-54260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54260"
},
{
"name": "CVE-2022-50884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50884"
},
{
"name": "CVE-2023-54230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54230"
},
{
"name": "CVE-2022-50786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50786"
},
{
"name": "CVE-2025-68800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68800"
},
{
"name": "CVE-2025-68261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68261"
},
{
"name": "CVE-2023-54299",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54299"
},
{
"name": "CVE-2025-71149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71149"
},
{
"name": "CVE-2025-68767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68767"
},
{
"name": "CVE-2023-53830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53830"
},
{
"name": "CVE-2025-40142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40142"
},
{
"name": "CVE-2022-50850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50850"
},
{
"name": "CVE-2023-54219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54219"
},
{
"name": "CVE-2025-68727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68727"
},
{
"name": "CVE-2023-53847",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53847"
},
{
"name": "CVE-2025-39836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39836"
},
{
"name": "CVE-2023-54325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54325"
},
{
"name": "CVE-2023-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54121"
},
{
"name": "CVE-2022-50770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50770"
},
{
"name": "CVE-2025-68264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68264"
},
{
"name": "CVE-2025-40087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
},
{
"name": "CVE-2022-50755",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50755"
},
{
"name": "CVE-2025-68764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68764"
}
],
"initial_release_date": "2026-02-13T00:00:00",
"last_revision_date": "2026-02-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0170",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0472-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260472-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0471-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260471-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0474-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260474-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0473-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260473-1"
},
{
"published_at": "2026-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0411-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260411-1"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0447-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260447-1"
},
{
"published_at": "2026-02-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:0475-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260475-1"
}
]
}
CERTFR-2026-AVI-0167
Vulnerability from certfr_avis - Published: 2026-02-13 - Updated: 2026-02-13
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian LTS. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 5.10.249-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 6.1.162-1~deb11u1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-36903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
},
{
"name": "CVE-2025-71075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71075"
},
{
"name": "CVE-2025-71086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71086"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2026-23098",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23098"
},
{
"name": "CVE-2025-71094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71094"
},
{
"name": "CVE-2025-68788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68788"
},
{
"name": "CVE-2025-68778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68778"
},
{
"name": "CVE-2026-23054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23054"
},
{
"name": "CVE-2025-71064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71064"
},
{
"name": "CVE-2025-68725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68725"
},
{
"name": "CVE-2025-68795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68795"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-68380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68380"
},
{
"name": "CVE-2025-39702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39702"
},
{
"name": "CVE-2026-23069",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23069"
},
{
"name": "CVE-2023-53421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53421"
},
{
"name": "CVE-2026-22992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22992"
},
{
"name": "CVE-2022-49465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49465"
},
{
"name": "CVE-2025-71071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71071"
},
{
"name": "CVE-2025-71191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71191"
},
{
"name": "CVE-2025-68728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68728"
},
{
"name": "CVE-2025-68364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68364"
},
{
"name": "CVE-2025-71087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71087"
},
{
"name": "CVE-2025-40039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40039"
},
{
"name": "CVE-2025-68746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68746"
},
{
"name": "CVE-2025-68773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68773"
},
{
"name": "CVE-2025-71133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71133"
},
{
"name": "CVE-2026-23020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23020"
},
{
"name": "CVE-2025-68796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68796"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2025-68804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68804"
},
{
"name": "CVE-2025-68769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68769"
},
{
"name": "CVE-2025-71189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71189"
},
{
"name": "CVE-2025-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38408"
},
{
"name": "CVE-2025-71088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71088"
},
{
"name": "CVE-2026-23090",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23090"
},
{
"name": "CVE-2022-49711",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49711"
},
{
"name": "CVE-2026-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23064"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-68806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68806"
},
{
"name": "CVE-2025-71098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71098"
},
{
"name": "CVE-2025-71078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71078"
},
{
"name": "CVE-2025-71083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71083"
},
{
"name": "CVE-2026-23061",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23061"
},
{
"name": "CVE-2025-68813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68813"
},
{
"name": "CVE-2026-23047",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23047"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-68365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68365"
},
{
"name": "CVE-2025-71085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71085"
},
{
"name": "CVE-2025-68344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68344"
},
{
"name": "CVE-2025-71154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71154"
},
{
"name": "CVE-2025-68257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68257"
},
{
"name": "CVE-2025-71084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71084"
},
{
"name": "CVE-2026-23049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23049"
},
{
"name": "CVE-2022-49743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49743"
},
{
"name": "CVE-2025-68347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68347"
},
{
"name": "CVE-2025-68814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68814"
},
{
"name": "CVE-2025-68780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68780"
},
{
"name": "CVE-2025-71081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71081"
},
{
"name": "CVE-2026-23101",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23101"
},
{
"name": "CVE-2026-23099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23099"
},
{
"name": "CVE-2025-71121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71121"
},
{
"name": "CVE-2025-38022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
},
{
"name": "CVE-2026-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23085"
},
{
"name": "CVE-2025-71136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71136"
},
{
"name": "CVE-2025-68354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68354"
},
{
"name": "CVE-2025-68801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68801"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-68258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68258"
},
{
"name": "CVE-2025-39871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39871"
},
{
"name": "CVE-2025-37926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37926"
},
{
"name": "CVE-2025-68291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68291"
},
{
"name": "CVE-2026-22991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22991"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-68255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68255"
},
{
"name": "CVE-2026-22980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22980"
},
{
"name": "CVE-2025-71093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71093"
},
{
"name": "CVE-2025-71102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71102"
},
{
"name": "CVE-2025-68759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68759"
},
{
"name": "CVE-2026-23019",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23019"
},
{
"name": "CVE-2025-68733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68733"
},
{
"name": "CVE-2026-23005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23005"
},
{
"name": "CVE-2025-68335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68335"
},
{
"name": "CVE-2025-71079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71079"
},
{
"name": "CVE-2026-23030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23030"
},
{
"name": "CVE-2026-22997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22997"
},
{
"name": "CVE-2025-71196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71196"
},
{
"name": "CVE-2025-68772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68772"
},
{
"name": "CVE-2026-23078",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23078"
},
{
"name": "CVE-2025-68785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68785"
},
{
"name": "CVE-2025-71130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71130"
},
{
"name": "CVE-2025-68808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68808"
},
{
"name": "CVE-2025-68223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68223"
},
{
"name": "CVE-2025-68783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68783"
},
{
"name": "CVE-2025-71147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71147"
},
{
"name": "CVE-2025-68724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68724"
},
{
"name": "CVE-2026-23103",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23103"
},
{
"name": "CVE-2026-23074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23074"
},
{
"name": "CVE-2025-71126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71126"
},
{
"name": "CVE-2025-68786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68786"
},
{
"name": "CVE-2025-71199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71199"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2025-68797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68797"
},
{
"name": "CVE-2024-49968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49968"
},
{
"name": "CVE-2025-68259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68259"
},
{
"name": "CVE-2025-71125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71125"
},
{
"name": "CVE-2026-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23006"
},
{
"name": "CVE-2025-71108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71108"
},
{
"name": "CVE-2025-71069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71069"
},
{
"name": "CVE-2026-22994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22994"
},
{
"name": "CVE-2026-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23083"
},
{
"name": "CVE-2025-68774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68774"
},
{
"name": "CVE-2026-23108",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23108"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-71180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71180"
},
{
"name": "CVE-2025-38232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38232"
},
{
"name": "CVE-2025-71194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71194"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2025-71082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71082"
},
{
"name": "CVE-2026-23068",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23068"
},
{
"name": "CVE-2025-68765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68765"
},
{
"name": "CVE-2026-23089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23089"
},
{
"name": "CVE-2025-71132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71132"
},
{
"name": "CVE-2026-23071",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23071"
},
{
"name": "CVE-2026-23056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23056"
},
{
"name": "CVE-2025-71077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71077"
},
{
"name": "CVE-2024-36927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36927"
},
{
"name": "CVE-2023-54321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54321"
},
{
"name": "CVE-2025-22111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22111"
},
{
"name": "CVE-2026-23063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23063"
},
{
"name": "CVE-2026-23073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23073"
},
{
"name": "CVE-2025-71114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71114"
},
{
"name": "CVE-2026-23058",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23058"
},
{
"name": "CVE-2025-71182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71182"
},
{
"name": "CVE-2026-23038",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23038"
},
{
"name": "CVE-2026-22990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22990"
},
{
"name": "CVE-2025-71186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71186"
},
{
"name": "CVE-2025-68821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68821"
},
{
"name": "CVE-2026-23026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23026"
},
{
"name": "CVE-2025-68325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68325"
},
{
"name": "CVE-2025-71190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71190"
},
{
"name": "CVE-2026-23107",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23107"
},
{
"name": "CVE-2025-68332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68332"
},
{
"name": "CVE-2025-71104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71104"
},
{
"name": "CVE-2026-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22978"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2026-23037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23037"
},
{
"name": "CVE-2026-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23001"
},
{
"name": "CVE-2025-68367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68367"
},
{
"name": "CVE-2025-68820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68820"
},
{
"name": "CVE-2023-54207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54207"
},
{
"name": "CVE-2025-68740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68740"
},
{
"name": "CVE-2025-68742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68742"
},
{
"name": "CVE-2026-23025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23025"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2025-68816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68816"
},
{
"name": "CVE-2025-68256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68256"
},
{
"name": "CVE-2025-68777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68777"
},
{
"name": "CVE-2025-68254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68254"
},
{
"name": "CVE-2025-38556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
},
{
"name": "CVE-2026-22982",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22982"
},
{
"name": "CVE-2025-71118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71118"
},
{
"name": "CVE-2025-71150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71150"
},
{
"name": "CVE-2025-39721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
},
{
"name": "CVE-2026-23091",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23091"
},
{
"name": "CVE-2025-38718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
},
{
"name": "CVE-2025-71192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71192"
},
{
"name": "CVE-2025-68776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68776"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2025-68799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68799"
},
{
"name": "CVE-2025-68345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68345"
},
{
"name": "CVE-2025-71097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71097"
},
{
"name": "CVE-2025-71111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71111"
},
{
"name": "CVE-2026-23087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23087"
},
{
"name": "CVE-2025-71185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71185"
},
{
"name": "CVE-2026-23096",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23096"
},
{
"name": "CVE-2025-68337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68337"
},
{
"name": "CVE-2025-71131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71131"
},
{
"name": "CVE-2025-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40149"
},
{
"name": "CVE-2025-40164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40164"
},
{
"name": "CVE-2025-71116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71116"
},
{
"name": "CVE-2023-52658",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52658"
},
{
"name": "CVE-2025-68362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68362"
},
{
"name": "CVE-2025-71162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71162"
},
{
"name": "CVE-2026-23075",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23075"
},
{
"name": "CVE-2025-68803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68803"
},
{
"name": "CVE-2026-23105",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23105"
},
{
"name": "CVE-2026-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22976"
},
{
"name": "CVE-2025-68753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68753"
},
{
"name": "CVE-2025-68781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68781"
},
{
"name": "CVE-2025-68369",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68369"
},
{
"name": "CVE-2025-71112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71112"
},
{
"name": "CVE-2023-54285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54285"
},
{
"name": "CVE-2026-23086",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23086"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2025-68818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68818"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2025-68366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68366"
},
{
"name": "CVE-2025-68815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68815"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2026-23095",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23095"
},
{
"name": "CVE-2025-68346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68346"
},
{
"name": "CVE-2025-71163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71163"
},
{
"name": "CVE-2025-71096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71096"
},
{
"name": "CVE-2025-71095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71095"
},
{
"name": "CVE-2025-71105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71105"
},
{
"name": "CVE-2025-68266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68266"
},
{
"name": "CVE-2025-68771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68771"
},
{
"name": "CVE-2025-68363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68363"
},
{
"name": "CVE-2026-22984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22984"
},
{
"name": "CVE-2025-68757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68757"
},
{
"name": "CVE-2026-23033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23033"
},
{
"name": "CVE-2026-22977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22977"
},
{
"name": "CVE-2026-23003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23003"
},
{
"name": "CVE-2025-68766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68766"
},
{
"name": "CVE-2026-23076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23076"
},
{
"name": "CVE-2025-71123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71123"
},
{
"name": "CVE-2025-68372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68372"
},
{
"name": "CVE-2026-23010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23010"
},
{
"name": "CVE-2025-71137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71137"
},
{
"name": "CVE-2026-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23084"
},
{
"name": "CVE-2026-22979",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22979"
},
{
"name": "CVE-2026-23011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23011"
},
{
"name": "CVE-2026-23110",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23110"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2026-23060",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23060"
},
{
"name": "CVE-2025-68282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68282"
},
{
"name": "CVE-2025-68817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68817"
},
{
"name": "CVE-2025-71119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71119"
},
{
"name": "CVE-2025-68787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68787"
},
{
"name": "CVE-2025-68782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68782"
},
{
"name": "CVE-2025-71197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71197"
},
{
"name": "CVE-2025-68758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68758"
},
{
"name": "CVE-2026-23031",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23031"
},
{
"name": "CVE-2025-71113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71113"
},
{
"name": "CVE-2025-71127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71127"
},
{
"name": "CVE-2026-23102",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23102"
},
{
"name": "CVE-2026-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22998"
},
{
"name": "CVE-2025-68340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68340"
},
{
"name": "CVE-2025-40110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40110"
},
{
"name": "CVE-2025-68798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68798"
},
{
"name": "CVE-2025-68336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68336"
},
{
"name": "CVE-2023-52975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52975"
},
{
"name": "CVE-2026-23097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23097"
},
{
"name": "CVE-2025-68819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68819"
},
{
"name": "CVE-2026-23021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23021"
},
{
"name": "CVE-2025-68732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68732"
},
{
"name": "CVE-2026-23093",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23093"
},
{
"name": "CVE-2025-71183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71183"
},
{
"name": "CVE-2025-68371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68371"
},
{
"name": "CVE-2025-68211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68211"
},
{
"name": "CVE-2025-71091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71091"
},
{
"name": "CVE-2025-68263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68263"
},
{
"name": "CVE-2025-68800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68800"
},
{
"name": "CVE-2025-68261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68261"
},
{
"name": "CVE-2022-48744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48744"
},
{
"name": "CVE-2025-71149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71149"
},
{
"name": "CVE-2025-68767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68767"
},
{
"name": "CVE-2025-68727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68727"
},
{
"name": "CVE-2026-23080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23080"
},
{
"name": "CVE-2025-38361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
},
{
"name": "CVE-2025-68264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68264"
},
{
"name": "CVE-2025-68764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68764"
}
],
"initial_release_date": "2026-02-13T00:00:00",
"last_revision_date": "2026-02-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0167",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian LTS. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian LTS",
"vendor_advisories": [
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4476-1",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00017.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4475-1",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00016.html"
}
]
}
CERTFR-2026-AVI-0166
Vulnerability from certfr_avis - Published: 2026-02-13 - Updated: 2026-02-13
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian trixie versions ant\u00e9rieures \u00e0 6.12.69-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.162-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-71075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71075"
},
{
"name": "CVE-2025-71086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71086"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-71065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71065"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-71134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71134"
},
{
"name": "CVE-2026-23098",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23098"
},
{
"name": "CVE-2025-68749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68749"
},
{
"name": "CVE-2025-71094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71094"
},
{
"name": "CVE-2025-68788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68788"
},
{
"name": "CVE-2025-68778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68778"
},
{
"name": "CVE-2026-23054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23054"
},
{
"name": "CVE-2025-71064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71064"
},
{
"name": "CVE-2026-23072",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23072"
},
{
"name": "CVE-2025-68725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68725"
},
{
"name": "CVE-2025-68795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68795"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-68380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68380"
},
{
"name": "CVE-2026-23069",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23069"
},
{
"name": "CVE-2023-53421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53421"
},
{
"name": "CVE-2026-22992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22992"
},
{
"name": "CVE-2025-71071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71071"
},
{
"name": "CVE-2025-71191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71191"
},
{
"name": "CVE-2025-68728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68728"
},
{
"name": "CVE-2025-68364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68364"
},
{
"name": "CVE-2025-71087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71087"
},
{
"name": "CVE-2025-40039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40039"
},
{
"name": "CVE-2025-71135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71135"
},
{
"name": "CVE-2025-68746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68746"
},
{
"name": "CVE-2025-68773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68773"
},
{
"name": "CVE-2025-71133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71133"
},
{
"name": "CVE-2026-23020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23020"
},
{
"name": "CVE-2025-68796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68796"
},
{
"name": "CVE-2025-68804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68804"
},
{
"name": "CVE-2025-68769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68769"
},
{
"name": "CVE-2025-68794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68794"
},
{
"name": "CVE-2025-71189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71189"
},
{
"name": "CVE-2025-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38408"
},
{
"name": "CVE-2025-71088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71088"
},
{
"name": "CVE-2026-23090",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23090"
},
{
"name": "CVE-2026-23035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23035"
},
{
"name": "CVE-2026-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23064"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-68806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68806"
},
{
"name": "CVE-2025-71098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71098"
},
{
"name": "CVE-2025-71078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71078"
},
{
"name": "CVE-2025-71083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71083"
},
{
"name": "CVE-2026-23061",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23061"
},
{
"name": "CVE-2026-23059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23059"
},
{
"name": "CVE-2025-68813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68813"
},
{
"name": "CVE-2026-23047",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23047"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-68365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68365"
},
{
"name": "CVE-2025-71085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71085"
},
{
"name": "CVE-2025-71076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71076"
},
{
"name": "CVE-2025-68344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68344"
},
{
"name": "CVE-2025-71154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71154"
},
{
"name": "CVE-2025-68257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68257"
},
{
"name": "CVE-2025-71084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71084"
},
{
"name": "CVE-2026-23094",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23094"
},
{
"name": "CVE-2026-23049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23049"
},
{
"name": "CVE-2025-68347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68347"
},
{
"name": "CVE-2025-68770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68770"
},
{
"name": "CVE-2025-68814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68814"
},
{
"name": "CVE-2025-68780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68780"
},
{
"name": "CVE-2025-71081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71081"
},
{
"name": "CVE-2026-23101",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23101"
},
{
"name": "CVE-2026-23099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23099"
},
{
"name": "CVE-2025-71121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71121"
},
{
"name": "CVE-2025-38022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
},
{
"name": "CVE-2025-71080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71080"
},
{
"name": "CVE-2026-22989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22989"
},
{
"name": "CVE-2026-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23085"
},
{
"name": "CVE-2025-71136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71136"
},
{
"name": "CVE-2025-68354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68354"
},
{
"name": "CVE-2025-68801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68801"
},
{
"name": "CVE-2025-71073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71073"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-68258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68258"
},
{
"name": "CVE-2025-39871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39871"
},
{
"name": "CVE-2026-23057",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23057"
},
{
"name": "CVE-2025-37926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37926"
},
{
"name": "CVE-2025-71138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71138"
},
{
"name": "CVE-2025-68291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68291"
},
{
"name": "CVE-2025-71122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71122"
},
{
"name": "CVE-2026-22991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22991"
},
{
"name": "CVE-2025-71144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71144"
},
{
"name": "CVE-2025-68822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68822"
},
{
"name": "CVE-2025-38234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38234"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-68255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68255"
},
{
"name": "CVE-2026-22980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22980"
},
{
"name": "CVE-2025-71093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71093"
},
{
"name": "CVE-2025-71102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71102"
},
{
"name": "CVE-2026-23032",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23032"
},
{
"name": "CVE-2025-68759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68759"
},
{
"name": "CVE-2026-23019",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23019"
},
{
"name": "CVE-2026-23055",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23055"
},
{
"name": "CVE-2025-68733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68733"
},
{
"name": "CVE-2026-23005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23005"
},
{
"name": "CVE-2025-68335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68335"
},
{
"name": "CVE-2025-71079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71079"
},
{
"name": "CVE-2026-23030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23030"
},
{
"name": "CVE-2026-22997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22997"
},
{
"name": "CVE-2025-71153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71153"
},
{
"name": "CVE-2025-71196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71196"
},
{
"name": "CVE-2025-68772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68772"
},
{
"name": "CVE-2026-23078",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23078"
},
{
"name": "CVE-2025-71143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71143"
},
{
"name": "CVE-2025-68785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68785"
},
{
"name": "CVE-2025-71130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71130"
},
{
"name": "CVE-2025-68808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68808"
},
{
"name": "CVE-2025-68223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68223"
},
{
"name": "CVE-2025-68783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68783"
},
{
"name": "CVE-2025-71147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71147"
},
{
"name": "CVE-2025-68724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68724"
},
{
"name": "CVE-2026-23103",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23103"
},
{
"name": "CVE-2026-23074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23074"
},
{
"name": "CVE-2025-71126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71126"
},
{
"name": "CVE-2025-68786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68786"
},
{
"name": "CVE-2025-71199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71199"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2025-68797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68797"
},
{
"name": "CVE-2024-49968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49968"
},
{
"name": "CVE-2025-68358",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68358"
},
{
"name": "CVE-2025-68259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68259"
},
{
"name": "CVE-2025-71125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71125"
},
{
"name": "CVE-2026-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23006"
},
{
"name": "CVE-2025-71108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71108"
},
{
"name": "CVE-2025-68789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68789"
},
{
"name": "CVE-2025-71069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71069"
},
{
"name": "CVE-2026-23013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23013"
},
{
"name": "CVE-2025-71195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71195"
},
{
"name": "CVE-2026-22994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22994"
},
{
"name": "CVE-2026-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23083"
},
{
"name": "CVE-2026-23088",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23088"
},
{
"name": "CVE-2025-68774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68774"
},
{
"name": "CVE-2026-23108",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23108"
},
{
"name": "CVE-2025-71180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71180"
},
{
"name": "CVE-2025-38232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38232"
},
{
"name": "CVE-2025-71194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71194"
},
{
"name": "CVE-2025-71157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71157"
},
{
"name": "CVE-2026-23023",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23023"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2025-71082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71082"
},
{
"name": "CVE-2026-23068",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23068"
},
{
"name": "CVE-2025-68765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68765"
},
{
"name": "CVE-2026-23089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23089"
},
{
"name": "CVE-2025-71132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71132"
},
{
"name": "CVE-2026-23071",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23071"
},
{
"name": "CVE-2026-23056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23056"
},
{
"name": "CVE-2025-71077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71077"
},
{
"name": "CVE-2025-71140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71140"
},
{
"name": "CVE-2025-22111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22111"
},
{
"name": "CVE-2026-23063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23063"
},
{
"name": "CVE-2026-23073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23073"
},
{
"name": "CVE-2025-71114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71114"
},
{
"name": "CVE-2026-23058",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23058"
},
{
"name": "CVE-2025-71067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71067"
},
{
"name": "CVE-2025-71182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71182"
},
{
"name": "CVE-2026-23038",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23038"
},
{
"name": "CVE-2025-71151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71151"
},
{
"name": "CVE-2026-22990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22990"
},
{
"name": "CVE-2026-23000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23000"
},
{
"name": "CVE-2025-71186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71186"
},
{
"name": "CVE-2025-68821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68821"
},
{
"name": "CVE-2026-23026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23026"
},
{
"name": "CVE-2025-68325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68325"
},
{
"name": "CVE-2025-71190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71190"
},
{
"name": "CVE-2025-71089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71089"
},
{
"name": "CVE-2026-23107",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23107"
},
{
"name": "CVE-2025-68332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68332"
},
{
"name": "CVE-2025-71104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71104"
},
{
"name": "CVE-2026-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22978"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2026-23037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23037"
},
{
"name": "CVE-2025-71101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71101"
},
{
"name": "CVE-2026-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23001"
},
{
"name": "CVE-2025-68367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68367"
},
{
"name": "CVE-2025-68820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68820"
},
{
"name": "CVE-2025-68740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68740"
},
{
"name": "CVE-2025-68742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68742"
},
{
"name": "CVE-2026-23025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23025"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2025-68816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68816"
},
{
"name": "CVE-2025-68357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68357"
},
{
"name": "CVE-2025-68256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68256"
},
{
"name": "CVE-2025-68777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68777"
},
{
"name": "CVE-2025-71129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71129"
},
{
"name": "CVE-2025-68254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68254"
},
{
"name": "CVE-2025-39872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39872"
},
{
"name": "CVE-2026-22982",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22982"
},
{
"name": "CVE-2025-71109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71109"
},
{
"name": "CVE-2025-71118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71118"
},
{
"name": "CVE-2025-71150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71150"
},
{
"name": "CVE-2025-39721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
},
{
"name": "CVE-2026-23091",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23091"
},
{
"name": "CVE-2025-38718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
},
{
"name": "CVE-2025-71192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71192"
},
{
"name": "CVE-2025-68776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68776"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2025-68799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68799"
},
{
"name": "CVE-2025-68345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68345"
},
{
"name": "CVE-2025-71097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71097"
},
{
"name": "CVE-2025-71107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71107"
},
{
"name": "CVE-2025-71111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71111"
},
{
"name": "CVE-2026-23087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23087"
},
{
"name": "CVE-2025-68802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68802"
},
{
"name": "CVE-2025-71185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71185"
},
{
"name": "CVE-2025-68811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68811"
},
{
"name": "CVE-2026-23096",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23096"
},
{
"name": "CVE-2025-68337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68337"
},
{
"name": "CVE-2025-68351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68351"
},
{
"name": "CVE-2025-71131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71131"
},
{
"name": "CVE-2025-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40149"
},
{
"name": "CVE-2025-40164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40164"
},
{
"name": "CVE-2025-71116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71116"
},
{
"name": "CVE-2023-52658",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52658"
},
{
"name": "CVE-2025-68362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68362"
},
{
"name": "CVE-2026-23002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23002"
},
{
"name": "CVE-2025-68333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68333"
},
{
"name": "CVE-2025-71160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71160"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2025-71162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71162"
},
{
"name": "CVE-2026-23075",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23075"
},
{
"name": "CVE-2025-68803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68803"
},
{
"name": "CVE-2026-22996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22996"
},
{
"name": "CVE-2026-23105",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23105"
},
{
"name": "CVE-2026-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22976"
},
{
"name": "CVE-2026-23065",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23065"
},
{
"name": "CVE-2025-68753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68753"
},
{
"name": "CVE-2025-68781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68781"
},
{
"name": "CVE-2025-68369",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68369"
},
{
"name": "CVE-2025-68775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68775"
},
{
"name": "CVE-2025-71112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71112"
},
{
"name": "CVE-2023-54285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54285"
},
{
"name": "CVE-2026-23086",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23086"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2025-68818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68818"
},
{
"name": "CVE-2025-40170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40170"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2025-71148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71148"
},
{
"name": "CVE-2025-68366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68366"
},
{
"name": "CVE-2025-68815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68815"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2025-71193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71193"
},
{
"name": "CVE-2026-23095",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23095"
},
{
"name": "CVE-2025-68346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68346"
},
{
"name": "CVE-2025-71163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71163"
},
{
"name": "CVE-2026-23062",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23062"
},
{
"name": "CVE-2025-71096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71096"
},
{
"name": "CVE-2025-71099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71099"
},
{
"name": "CVE-2025-71095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71095"
},
{
"name": "CVE-2025-71105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71105"
},
{
"name": "CVE-2025-68266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68266"
},
{
"name": "CVE-2025-68771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68771"
},
{
"name": "CVE-2025-68363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68363"
},
{
"name": "CVE-2026-22984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22984"
},
{
"name": "CVE-2025-68757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68757"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-71068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71068"
},
{
"name": "CVE-2026-23033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23033"
},
{
"name": "CVE-2025-68784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68784"
},
{
"name": "CVE-2026-22977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22977"
},
{
"name": "CVE-2026-23003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23003"
},
{
"name": "CVE-2025-68766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68766"
},
{
"name": "CVE-2026-23076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23076"
},
{
"name": "CVE-2025-68792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68792"
},
{
"name": "CVE-2025-71123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71123"
},
{
"name": "CVE-2025-68206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68206"
},
{
"name": "CVE-2025-71100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71100"
},
{
"name": "CVE-2025-68372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68372"
},
{
"name": "CVE-2026-23010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23010"
},
{
"name": "CVE-2025-71146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71146"
},
{
"name": "CVE-2025-71137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71137"
},
{
"name": "CVE-2026-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23084"
},
{
"name": "CVE-2026-22979",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22979"
},
{
"name": "CVE-2026-23011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23011"
},
{
"name": "CVE-2025-71156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71156"
},
{
"name": "CVE-2025-40276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40276"
},
{
"name": "CVE-2026-23110",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23110"
},
{
"name": "CVE-2025-68809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68809"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2026-23060",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23060"
},
{
"name": "CVE-2025-68817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68817"
},
{
"name": "CVE-2025-71119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71119"
},
{
"name": "CVE-2025-68787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68787"
},
{
"name": "CVE-2025-68782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68782"
},
{
"name": "CVE-2025-71197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71197"
},
{
"name": "CVE-2025-68758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68758"
},
{
"name": "CVE-2026-23031",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23031"
},
{
"name": "CVE-2025-71113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71113"
},
{
"name": "CVE-2025-71127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71127"
},
{
"name": "CVE-2026-23102",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23102"
},
{
"name": "CVE-2026-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22998"
},
{
"name": "CVE-2026-23050",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23050"
},
{
"name": "CVE-2025-68340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68340"
},
{
"name": "CVE-2025-40110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40110"
},
{
"name": "CVE-2025-40325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40325"
},
{
"name": "CVE-2025-68798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68798"
},
{
"name": "CVE-2025-68336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68336"
},
{
"name": "CVE-2025-68810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68810"
},
{
"name": "CVE-2026-23097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23097"
},
{
"name": "CVE-2025-71198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71198"
},
{
"name": "CVE-2025-68819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68819"
},
{
"name": "CVE-2025-71072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71072"
},
{
"name": "CVE-2026-23021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23021"
},
{
"name": "CVE-2025-68732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68732"
},
{
"name": "CVE-2026-23093",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23093"
},
{
"name": "CVE-2025-71183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71183"
},
{
"name": "CVE-2025-68371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68371"
},
{
"name": "CVE-2025-68211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68211"
},
{
"name": "CVE-2025-71091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71091"
},
{
"name": "CVE-2026-23053",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23053"
},
{
"name": "CVE-2025-71184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71184"
},
{
"name": "CVE-2025-68263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68263"
},
{
"name": "CVE-2025-68800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68800"
},
{
"name": "CVE-2025-68261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68261"
},
{
"name": "CVE-2025-71149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71149"
},
{
"name": "CVE-2025-68767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68767"
},
{
"name": "CVE-2025-68727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68727"
},
{
"name": "CVE-2026-23080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23080"
},
{
"name": "CVE-2025-38361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
},
{
"name": "CVE-2025-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
},
{
"name": "CVE-2025-68264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68264"
},
{
"name": "CVE-2025-68764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68764"
}
],
"initial_release_date": "2026-02-13T00:00:00",
"last_revision_date": "2026-02-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0166",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2026-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-6127-1",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00036.html"
},
{
"published_at": "2026-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-6126-1",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00035.html"
}
]
}
CERTFR-2026-AVI-0166
Vulnerability from certfr_avis - Published: 2026-02-13 - Updated: 2026-02-13
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian trixie versions ant\u00e9rieures \u00e0 6.12.69-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.162-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-71075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71075"
},
{
"name": "CVE-2025-71086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71086"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-71065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71065"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-71134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71134"
},
{
"name": "CVE-2026-23098",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23098"
},
{
"name": "CVE-2025-68749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68749"
},
{
"name": "CVE-2025-71094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71094"
},
{
"name": "CVE-2025-68788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68788"
},
{
"name": "CVE-2025-68778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68778"
},
{
"name": "CVE-2026-23054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23054"
},
{
"name": "CVE-2025-71064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71064"
},
{
"name": "CVE-2026-23072",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23072"
},
{
"name": "CVE-2025-68725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68725"
},
{
"name": "CVE-2025-68795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68795"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-68380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68380"
},
{
"name": "CVE-2026-23069",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23069"
},
{
"name": "CVE-2023-53421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53421"
},
{
"name": "CVE-2026-22992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22992"
},
{
"name": "CVE-2025-71071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71071"
},
{
"name": "CVE-2025-71191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71191"
},
{
"name": "CVE-2025-68728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68728"
},
{
"name": "CVE-2025-68364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68364"
},
{
"name": "CVE-2025-71087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71087"
},
{
"name": "CVE-2025-40039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40039"
},
{
"name": "CVE-2025-71135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71135"
},
{
"name": "CVE-2025-68746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68746"
},
{
"name": "CVE-2025-68773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68773"
},
{
"name": "CVE-2025-71133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71133"
},
{
"name": "CVE-2026-23020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23020"
},
{
"name": "CVE-2025-68796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68796"
},
{
"name": "CVE-2025-68804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68804"
},
{
"name": "CVE-2025-68769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68769"
},
{
"name": "CVE-2025-68794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68794"
},
{
"name": "CVE-2025-71189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71189"
},
{
"name": "CVE-2025-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38408"
},
{
"name": "CVE-2025-71088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71088"
},
{
"name": "CVE-2026-23090",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23090"
},
{
"name": "CVE-2026-23035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23035"
},
{
"name": "CVE-2026-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23064"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-68806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68806"
},
{
"name": "CVE-2025-71098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71098"
},
{
"name": "CVE-2025-71078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71078"
},
{
"name": "CVE-2025-71083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71083"
},
{
"name": "CVE-2026-23061",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23061"
},
{
"name": "CVE-2026-23059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23059"
},
{
"name": "CVE-2025-68813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68813"
},
{
"name": "CVE-2026-23047",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23047"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-68365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68365"
},
{
"name": "CVE-2025-71085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71085"
},
{
"name": "CVE-2025-71076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71076"
},
{
"name": "CVE-2025-68344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68344"
},
{
"name": "CVE-2025-71154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71154"
},
{
"name": "CVE-2025-68257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68257"
},
{
"name": "CVE-2025-71084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71084"
},
{
"name": "CVE-2026-23094",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23094"
},
{
"name": "CVE-2026-23049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23049"
},
{
"name": "CVE-2025-68347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68347"
},
{
"name": "CVE-2025-68770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68770"
},
{
"name": "CVE-2025-68814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68814"
},
{
"name": "CVE-2025-68780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68780"
},
{
"name": "CVE-2025-71081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71081"
},
{
"name": "CVE-2026-23101",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23101"
},
{
"name": "CVE-2026-23099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23099"
},
{
"name": "CVE-2025-71121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71121"
},
{
"name": "CVE-2025-38022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
},
{
"name": "CVE-2025-71080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71080"
},
{
"name": "CVE-2026-22989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22989"
},
{
"name": "CVE-2026-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23085"
},
{
"name": "CVE-2025-71136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71136"
},
{
"name": "CVE-2025-68354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68354"
},
{
"name": "CVE-2025-68801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68801"
},
{
"name": "CVE-2025-71073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71073"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-68258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68258"
},
{
"name": "CVE-2025-39871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39871"
},
{
"name": "CVE-2026-23057",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23057"
},
{
"name": "CVE-2025-37926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37926"
},
{
"name": "CVE-2025-71138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71138"
},
{
"name": "CVE-2025-68291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68291"
},
{
"name": "CVE-2025-71122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71122"
},
{
"name": "CVE-2026-22991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22991"
},
{
"name": "CVE-2025-71144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71144"
},
{
"name": "CVE-2025-68822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68822"
},
{
"name": "CVE-2025-38234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38234"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-68255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68255"
},
{
"name": "CVE-2026-22980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22980"
},
{
"name": "CVE-2025-71093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71093"
},
{
"name": "CVE-2025-71102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71102"
},
{
"name": "CVE-2026-23032",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23032"
},
{
"name": "CVE-2025-68759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68759"
},
{
"name": "CVE-2026-23019",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23019"
},
{
"name": "CVE-2026-23055",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23055"
},
{
"name": "CVE-2025-68733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68733"
},
{
"name": "CVE-2026-23005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23005"
},
{
"name": "CVE-2025-68335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68335"
},
{
"name": "CVE-2025-71079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71079"
},
{
"name": "CVE-2026-23030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23030"
},
{
"name": "CVE-2026-22997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22997"
},
{
"name": "CVE-2025-71153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71153"
},
{
"name": "CVE-2025-71196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71196"
},
{
"name": "CVE-2025-68772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68772"
},
{
"name": "CVE-2026-23078",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23078"
},
{
"name": "CVE-2025-71143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71143"
},
{
"name": "CVE-2025-68785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68785"
},
{
"name": "CVE-2025-71130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71130"
},
{
"name": "CVE-2025-68808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68808"
},
{
"name": "CVE-2025-68223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68223"
},
{
"name": "CVE-2025-68783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68783"
},
{
"name": "CVE-2025-71147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71147"
},
{
"name": "CVE-2025-68724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68724"
},
{
"name": "CVE-2026-23103",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23103"
},
{
"name": "CVE-2026-23074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23074"
},
{
"name": "CVE-2025-71126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71126"
},
{
"name": "CVE-2025-68786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68786"
},
{
"name": "CVE-2025-71199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71199"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2025-68797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68797"
},
{
"name": "CVE-2024-49968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49968"
},
{
"name": "CVE-2025-68358",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68358"
},
{
"name": "CVE-2025-68259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68259"
},
{
"name": "CVE-2025-71125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71125"
},
{
"name": "CVE-2026-23006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23006"
},
{
"name": "CVE-2025-71108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71108"
},
{
"name": "CVE-2025-68789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68789"
},
{
"name": "CVE-2025-71069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71069"
},
{
"name": "CVE-2026-23013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23013"
},
{
"name": "CVE-2025-71195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71195"
},
{
"name": "CVE-2026-22994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22994"
},
{
"name": "CVE-2026-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23083"
},
{
"name": "CVE-2026-23088",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23088"
},
{
"name": "CVE-2025-68774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68774"
},
{
"name": "CVE-2026-23108",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23108"
},
{
"name": "CVE-2025-71180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71180"
},
{
"name": "CVE-2025-38232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38232"
},
{
"name": "CVE-2025-71194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71194"
},
{
"name": "CVE-2025-71157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71157"
},
{
"name": "CVE-2026-23023",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23023"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2025-71082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71082"
},
{
"name": "CVE-2026-23068",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23068"
},
{
"name": "CVE-2025-68765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68765"
},
{
"name": "CVE-2026-23089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23089"
},
{
"name": "CVE-2025-71132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71132"
},
{
"name": "CVE-2026-23071",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23071"
},
{
"name": "CVE-2026-23056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23056"
},
{
"name": "CVE-2025-71077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71077"
},
{
"name": "CVE-2025-71140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71140"
},
{
"name": "CVE-2025-22111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22111"
},
{
"name": "CVE-2026-23063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23063"
},
{
"name": "CVE-2026-23073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23073"
},
{
"name": "CVE-2025-71114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71114"
},
{
"name": "CVE-2026-23058",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23058"
},
{
"name": "CVE-2025-71067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71067"
},
{
"name": "CVE-2025-71182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71182"
},
{
"name": "CVE-2026-23038",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23038"
},
{
"name": "CVE-2025-71151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71151"
},
{
"name": "CVE-2026-22990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22990"
},
{
"name": "CVE-2026-23000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23000"
},
{
"name": "CVE-2025-71186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71186"
},
{
"name": "CVE-2025-68821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68821"
},
{
"name": "CVE-2026-23026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23026"
},
{
"name": "CVE-2025-68325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68325"
},
{
"name": "CVE-2025-71190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71190"
},
{
"name": "CVE-2025-71089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71089"
},
{
"name": "CVE-2026-23107",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23107"
},
{
"name": "CVE-2025-68332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68332"
},
{
"name": "CVE-2025-71104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71104"
},
{
"name": "CVE-2026-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22978"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2026-23037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23037"
},
{
"name": "CVE-2025-71101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71101"
},
{
"name": "CVE-2026-23001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23001"
},
{
"name": "CVE-2025-68367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68367"
},
{
"name": "CVE-2025-68820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68820"
},
{
"name": "CVE-2025-68740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68740"
},
{
"name": "CVE-2025-68742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68742"
},
{
"name": "CVE-2026-23025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23025"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2025-68816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68816"
},
{
"name": "CVE-2025-68357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68357"
},
{
"name": "CVE-2025-68256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68256"
},
{
"name": "CVE-2025-68777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68777"
},
{
"name": "CVE-2025-71129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71129"
},
{
"name": "CVE-2025-68254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68254"
},
{
"name": "CVE-2025-39872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39872"
},
{
"name": "CVE-2026-22982",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22982"
},
{
"name": "CVE-2025-71109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71109"
},
{
"name": "CVE-2025-71118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71118"
},
{
"name": "CVE-2025-71150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71150"
},
{
"name": "CVE-2025-39721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
},
{
"name": "CVE-2026-23091",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23091"
},
{
"name": "CVE-2025-38718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
},
{
"name": "CVE-2025-71192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71192"
},
{
"name": "CVE-2025-68776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68776"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2025-68799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68799"
},
{
"name": "CVE-2025-68345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68345"
},
{
"name": "CVE-2025-71097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71097"
},
{
"name": "CVE-2025-71107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71107"
},
{
"name": "CVE-2025-71111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71111"
},
{
"name": "CVE-2026-23087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23087"
},
{
"name": "CVE-2025-68802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68802"
},
{
"name": "CVE-2025-71185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71185"
},
{
"name": "CVE-2025-68811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68811"
},
{
"name": "CVE-2026-23096",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23096"
},
{
"name": "CVE-2025-68337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68337"
},
{
"name": "CVE-2025-68351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68351"
},
{
"name": "CVE-2025-71131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71131"
},
{
"name": "CVE-2025-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40149"
},
{
"name": "CVE-2025-40164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40164"
},
{
"name": "CVE-2025-71116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71116"
},
{
"name": "CVE-2023-52658",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52658"
},
{
"name": "CVE-2025-68362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68362"
},
{
"name": "CVE-2026-23002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23002"
},
{
"name": "CVE-2025-68333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68333"
},
{
"name": "CVE-2025-71160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71160"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2025-71162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71162"
},
{
"name": "CVE-2026-23075",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23075"
},
{
"name": "CVE-2025-68803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68803"
},
{
"name": "CVE-2026-22996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22996"
},
{
"name": "CVE-2026-23105",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23105"
},
{
"name": "CVE-2026-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22976"
},
{
"name": "CVE-2026-23065",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23065"
},
{
"name": "CVE-2025-68753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68753"
},
{
"name": "CVE-2025-68781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68781"
},
{
"name": "CVE-2025-68369",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68369"
},
{
"name": "CVE-2025-68775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68775"
},
{
"name": "CVE-2025-71112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71112"
},
{
"name": "CVE-2023-54285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-54285"
},
{
"name": "CVE-2026-23086",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23086"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2025-68818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68818"
},
{
"name": "CVE-2025-40170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40170"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2025-71148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71148"
},
{
"name": "CVE-2025-68366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68366"
},
{
"name": "CVE-2025-68815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68815"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2025-71193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71193"
},
{
"name": "CVE-2026-23095",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23095"
},
{
"name": "CVE-2025-68346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68346"
},
{
"name": "CVE-2025-71163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71163"
},
{
"name": "CVE-2026-23062",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23062"
},
{
"name": "CVE-2025-71096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71096"
},
{
"name": "CVE-2025-71099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71099"
},
{
"name": "CVE-2025-71095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71095"
},
{
"name": "CVE-2025-71105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71105"
},
{
"name": "CVE-2025-68266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68266"
},
{
"name": "CVE-2025-68771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68771"
},
{
"name": "CVE-2025-68363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68363"
},
{
"name": "CVE-2026-22984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22984"
},
{
"name": "CVE-2025-68757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68757"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-71068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71068"
},
{
"name": "CVE-2026-23033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23033"
},
{
"name": "CVE-2025-68784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68784"
},
{
"name": "CVE-2026-22977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22977"
},
{
"name": "CVE-2026-23003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23003"
},
{
"name": "CVE-2025-68766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68766"
},
{
"name": "CVE-2026-23076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23076"
},
{
"name": "CVE-2025-68792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68792"
},
{
"name": "CVE-2025-71123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71123"
},
{
"name": "CVE-2025-68206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68206"
},
{
"name": "CVE-2025-71100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71100"
},
{
"name": "CVE-2025-68372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68372"
},
{
"name": "CVE-2026-23010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23010"
},
{
"name": "CVE-2025-71146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71146"
},
{
"name": "CVE-2025-71137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71137"
},
{
"name": "CVE-2026-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23084"
},
{
"name": "CVE-2026-22979",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22979"
},
{
"name": "CVE-2026-23011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23011"
},
{
"name": "CVE-2025-71156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71156"
},
{
"name": "CVE-2025-40276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40276"
},
{
"name": "CVE-2026-23110",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23110"
},
{
"name": "CVE-2025-68809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68809"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2026-23060",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23060"
},
{
"name": "CVE-2025-68817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68817"
},
{
"name": "CVE-2025-71119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71119"
},
{
"name": "CVE-2025-68787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68787"
},
{
"name": "CVE-2025-68782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68782"
},
{
"name": "CVE-2025-71197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71197"
},
{
"name": "CVE-2025-68758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68758"
},
{
"name": "CVE-2026-23031",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23031"
},
{
"name": "CVE-2025-71113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71113"
},
{
"name": "CVE-2025-71127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71127"
},
{
"name": "CVE-2026-23102",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23102"
},
{
"name": "CVE-2026-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22998"
},
{
"name": "CVE-2026-23050",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23050"
},
{
"name": "CVE-2025-68340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68340"
},
{
"name": "CVE-2025-40110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40110"
},
{
"name": "CVE-2025-40325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40325"
},
{
"name": "CVE-2025-68798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68798"
},
{
"name": "CVE-2025-68336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68336"
},
{
"name": "CVE-2025-68810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68810"
},
{
"name": "CVE-2026-23097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23097"
},
{
"name": "CVE-2025-71198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71198"
},
{
"name": "CVE-2025-68819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68819"
},
{
"name": "CVE-2025-71072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71072"
},
{
"name": "CVE-2026-23021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23021"
},
{
"name": "CVE-2025-68732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68732"
},
{
"name": "CVE-2026-23093",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23093"
},
{
"name": "CVE-2025-71183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71183"
},
{
"name": "CVE-2025-68371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68371"
},
{
"name": "CVE-2025-68211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68211"
},
{
"name": "CVE-2025-71091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71091"
},
{
"name": "CVE-2026-23053",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23053"
},
{
"name": "CVE-2025-71184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71184"
},
{
"name": "CVE-2025-68263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68263"
},
{
"name": "CVE-2025-68800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68800"
},
{
"name": "CVE-2025-68261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68261"
},
{
"name": "CVE-2025-71149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71149"
},
{
"name": "CVE-2025-68767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68767"
},
{
"name": "CVE-2025-68727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68727"
},
{
"name": "CVE-2026-23080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23080"
},
{
"name": "CVE-2025-38361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
},
{
"name": "CVE-2025-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
},
{
"name": "CVE-2025-68264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68264"
},
{
"name": "CVE-2025-68764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68764"
}
],
"initial_release_date": "2026-02-13T00:00:00",
"last_revision_date": "2026-02-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0166",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2026-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-6127-1",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00036.html"
},
{
"published_at": "2026-02-09",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-6126-1",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00035.html"
}
]
}
SUSE-SU-2026:0447-1
Vulnerability from csaf_suse - Published: 2026-02-11 14:05 - Updated: 2026-02-11 14:05Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim (bsc#1256280).
- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).
- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552).
- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).
- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).
- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71080: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (bsc#1256608).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix 'UBSAN: shift-out-of-bounds error' (bsc#1256760).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).
- CVE-2025-71157: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (bsc#1257168).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
The following non security issues were fixed:
- ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes).
- ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes).
- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes).
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- ALSA: usb: Increase volume range that triggers a warning (git-fixes).
- ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes).
- ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes).
- ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa884x: fix codec initialisation (git-fixes).
- ASoC: fsl_sai: Add missing registers to cache default (stable-fixes).
- ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes).
- ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes).
- ASoC: tlv320adcx140: fix null pointer (git-fixes).
- ASoC: tlv320adcx140: fix word length (git-fixes).
- ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes).
- Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes).
- Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bs-upload-kernel: Fix cve branch uploads.
- btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).
- can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes).
- can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes).
- can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes).
- cifs: add new field to track the last access time of cfid (git-fixes).
- cifs: after disabling multichannel, mark tcon for reconnect (git-fixes).
- cifs: avoid redundant calls to disable multichannel (git-fixes).
- cifs: cifs_pick_channel should try selecting active channels (git-fixes).
- cifs: deal with the channel loading lag while picking channels (git-fixes).
- cifs: dns resolution is needed only for primary channel (git-fixes).
- cifs: do not disable interface polling on failure (git-fixes).
- cifs: do not search for channel if server is terminating (git-fixes).
- cifs: fix a pending undercount of srv_count (git-fixes).
- cifs: Fix copy offload to flush destination region (bsc#1252511).
- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).
- cifs: fix lock ordering while disabling multichannel (git-fixes).
- cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes).
- cifs: fix use after free for iface while disabling secondary channels (git-fixes).
- cifs: handle servers that still advertise multichannel after disabling (git-fixes).
- cifs: handle when server starts supporting multichannel (git-fixes).
- cifs: handle when server stops supporting multichannel (git-fixes).
- cifs: make cifs_chan_update_iface() a void function (git-fixes).
- cifs: make sure server interfaces are requested only for SMB3+ (git-fixes).
- cifs: make sure that channel scaling is done only once (git-fixes).
- cifs: reconnect worker should take reference on server struct unconditionally (git-fixes).
- cifs: reset connections for all channels when reconnect requested (git-fixes).
- cifs: reset iface weights when we cannot find a candidate (git-fixes).
- cifs: serialize other channels when query server interfaces is pending (git-fixes).
- cifs: update dstaddr whenever channel iface is updated (git-fixes).
- comedi: dmm32at: serialize use of paged registers (git-fixes).
- comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes).
- comedi: Fix getting range information for subdevices 16 to 255 (git-fixes).
- cpuset: fix warning when disabling remote partition (bsc#1256794).
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes).
- dmaengine: apple-admac: Add 'apple,t8103-admac' compatible (git-fixes).
- dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes).
- dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes).
- dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes).
- dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes).
- dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes).
- dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes).
- dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes).
- dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes).
- dmaengine: tegra-adma: Fix use-after-free (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes).
- dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes).
- dmaengine: xilinx_dma: Fix uninitialized addr_width when 'xlnx,addrwidth' property is missing (git-fixes).
- dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes).
- dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes).
- dpll: fix return value check for kmemdup (git-fixes).
- dpll: indent DPLL option type by a tab (git-fixes).
- dpll: Prevent duplicate registrations (git-fixes).
- dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes).
- drm/amd: Clean up kfd node on surprise disconnect (stable-fixes).
- drm/amd/display: Apply e4479aecf658 to dml (stable-fixes).
- drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes).
- drm/amd/display: Fix DP no audio issue (stable-fixes).
- drm/amd/display: Initialise backlight level values from hw (git-fixes).
- drm/amd/display: Respect user's CONFIG_FRAME_WARN more for dml files (stable-fixes).
- drm/amd/display: shrink struct members (stable-fixes).
- drm/amd/pm: Don't clear SI SMC table when setting power limit (git-fixes).
- drm/amd/pm: fix race in power state check before mutex lock (git-fixes).
- drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2 (git-fixes).
- drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes).
- drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule() (git-fixes).
- drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes).
- drm/amdgpu: Fix query for VPE block_type and ip_count (stable-fixes).
- drm/amdgpu: remove frame cntl for gfx v12 (stable-fixes).
- drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes).
- drm/amdkfd: Fix improper NULL termination of queue restore SMI event string (stable-fixes).
- drm/imagination: Wait for FW trace update command completion (git-fixes).
- drm/imx/tve: fix probe device leak (git-fixes).
- drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).
- drm/nouveau: add missing DCB connector types (git-fixes).
- drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes).
- drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit) (stable-fixes).
- drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes).
- drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes).
- drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes).
- drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes).
- drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions (git-fixes).
- exfat: check return value of sb_min_blocksize in exfat_read_boot_sector (git-fixes).
- exfat: fix remount failure in different process environments (git-fixes).
- gpio: omap: do not register driver in probe() (git-fixes).
- gpio: pca953x: Add support for level-triggered interrupts (stable-fixes).
- gpio: pca953x: fix wrong error probe return value (git-fixes).
- gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes).
- gpio: pca953x: Utilise dev_err_probe() where it makes sense (stable-fixes).
- gpio: pca953x: Utilise temporary variable for struct device (stable-fixes).
- gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes).
- HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- iio: accel: iis328dq: fix gain values (git-fixes).
- iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes).
- iio: adc: ad9467: fix ad9434 vref mask (git-fixes).
- iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes).
- iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes).
- iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes).
- Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes).
- Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes).
- intel_th: fix device leak on output open() (git-fixes).
- leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes).
- lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes).
- mei: me: add nova lake point S DID (stable-fixes).
- mei: me: add wildcat lake P DID (stable-fixes).
- mISDN: annotate data-race around dev->work (git-fixes).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087).
- mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes).
- mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes).
- net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: mana: Add metadata support for xdp mode (git-fixes).
- net: mana: Add standard counter rx_missed_errors (git-fixes).
- net: mana: Add support for auxiliary device servicing events (git-fixes).
- net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690).
- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
- net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).
- net: mana: Fix use-after-free in reset service rescan path (git-fixes).
- net: mana: Fix warnings for missing export.h header inclusion (git-fixes).
- net: mana: Handle hardware recovery events when probing the device (git-fixes).
- net: mana: Handle Reset Request from MANA NIC (git-fixes).
- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
- net: mana: Handle unsupported HWC commands (git-fixes).
- net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).
- net: mana: Probe rdma device in mana driver (git-fixes).
- net: mana: Reduce waiting time if HWC not responding (git-fixes).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: usb: dm9601: remove broken SR9700 support (git-fixes).
- net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes).
- nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes).
- nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes).
- NFS: Fix up the automount fs_context to use the correct cred (git-fixes).
- nfsd: Drop the client reference in client_states_open() (git-fixes).
- NFSD: Fix permission check for read access to executable-only files (git-fixes).
- NFSD: use correct reservation type in nfsd4_scsi_fence_client (git-fixes).
- NFSD/blocklayout: Fix minlength check in proc_layoutget (git-fixes).
- NFSv4: ensure the open stateid seqid doesn't go backwards (git-fixes).
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes).
- nvmet-auth: update sc_c in host response (git-fixes).
- nvmet-auth: update sc_c in target host hash calculation (git-fixes).
- of: fix reference count leak in of_alias_scan() (git-fixes).
- of: platform: Use default match table for /firmware (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes).
- phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes).
- phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes).
- phy: stm32-usphyc: Fix off by one in probe() (git-fixes).
- phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes).
- platform/x86: hp-bioscfg: Fix automatic module loading (git-fixes).
- platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro (git-fixes).
- platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (git-fixes).
- platform/x86/amd: Fix memory leak in wbrf_record() (git-fixes).
- pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (git-fixes).
- powercap: fix race condition in register_control_type() (stable-fixes).
- powercap: fix sscanf() error return value handling (stable-fixes).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- RDMA/mana_ib: Access remote atomic for MRs (git-fixes).
- RDMA/mana_ib: add additional port counters (git-fixes).
- RDMA/mana_ib: Add device statistics support (git-fixes).
- RDMA/mana_ib: Add port statistics support (git-fixes).
- RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).
- RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes).
- RDMA/mana_ib: add support of multiple ports (git-fixes).
- RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).
- RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).
- RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).
- RDMA/mana_ib: create kernel-level CQs (git-fixes).
- RDMA/mana_ib: create/destroy AH (git-fixes).
- RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).
- RDMA/mana_ib: extend mana QP table (git-fixes).
- RDMA/mana_ib: Extend modify QP (git-fixes).
- RDMA/mana_ib: Fix error code in probe() (git-fixes).
- RDMA/mana_ib: Fix integer overflow during queue creation (git-fixes).
- RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).
- RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).
- RDMA/mana_ib: Implement DMABUF MR support (git-fixes).
- RDMA/mana_ib: implement get_dma_mr (git-fixes).
- RDMA/mana_ib: implement req_notify_cq (git-fixes).
- RDMA/mana_ib: indicate CM support (git-fixes).
- RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes).
- RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes).
- RDMA/mana_ib: request error CQEs when supported (git-fixes).
- RDMA/mana_ib: support of the zero based MRs (git-fixes).
- RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes).
- RDMA/mana_ib: UD/GSI work requests (git-fixes).
- RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes).
- RDMA/mana_ib: Use safer allocation function() (git-fixes).
- regmap: Fix race condition in hwspinlock irqsave routine (git-fixes).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- sched/rt: Skip group schedulable check with rt_group_sched=0 (bsc#1256568).
- scripts: obsapi: Support URL trailing / in oscrc.
- scripts: teaapi: Add paging.
- scripts: uploader: Fix no change condition for _maintainership.json.
- scripts: uploader: Handle missing upstream in is_pr_open.
- scripts/python/git_sort/git_sort.yaml: add cifs for-next repository.
- scrits: teaapi: Add list_repos.
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).
- selftests/bpf: Fix flaky bpf_cookie selftest (git-fixes).
- serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes).
- slimbus: core: fix device reference leak on report present (git-fixes).
- slimbus: core: fix OF node leak on registration failure (git-fixes).
- slimbus: core: fix of_slim_get_device() kernel doc (git-fixes).
- slimbus: core: fix runtime PM imbalance on report present (git-fixes).
- smb: change return type of cached_dir_lease_break() to bool (git-fixes).
- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes).
- smb: client: fix cifs_pick_channel when channel needs reconnect (git-fixes).
- smb: client: fix warning when reconnecting channel (git-fixes).
- smb: client: introduce close_cached_dir_locked() (git-fixes).
- smb: client: remove unused fid_lock (git-fixes).
- smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- smb3: add missing null server pointer check (git-fixes).
- spi: spi-sprd-adi: Fix double free in probe error path (git-fixes).
- spi: sprd-adi: switch to use spi_alloc_host() (stable-fixes).
- spi: sprd: adi: Use devm_register_restart_handler() (stable-fixes).
- svcrdma: return 0 on success from svc_rdma_copy_inline_range (git-fixes).
- uacce: ensure safe queue release with state management (git-fixes).
- uacce: fix cdev handling in the cleanup path (git-fixes).
- uacce: fix isolate sysfs check condition (git-fixes).
- uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes).
- usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes).
- usb: dwc3: Check for USB4 IP_NAME (stable-fixes).
- USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes).
- USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes).
- USB: serial: option: add Telit LE910 MBIM composition (stable-fixes).
- usbnet: limit max_mtu based on device's hard_mtu (git-fixes).
- w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes).
- w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes).
- wifi: ath10k: fix dma_free_coherent() pointer (git-fixes).
- wifi: ath12k: fix dma_free_coherent() pointer (git-fixes).
- wifi: mac80211: correctly decode TTLM with default link map (git-fixes).
- wifi: mac80211: don't perform DA check on S1G beacon (git-fixes).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes).
- x86: make page fault handling disable interrupts properly (git-fixes).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
Patchnames
SUSE-2026-447,SUSE-SLE-Module-Basesystem-15-SP7-2026-447,SUSE-SLE-Module-Development-Tools-15-SP7-2026-447,SUSE-SLE-Module-Legacy-15-SP7-2026-447,SUSE-SLE-Module-Live-Patching-15-SP7-2026-447,SUSE-SLE-Product-HA-15-SP7-2026-447,SUSE-SLE-Product-WE-15-SP7-2026-447
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim (bsc#1256280).\n- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).\n- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).\n- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).\n- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).\n- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).\n- CVE-2025-40261: nvme: nvme-fc: Ensure -\u003eioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).\n- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).\n- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).\n- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).\n- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).\n- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).\n- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).\n- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).\n- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).\n- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).\n- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).\n- CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226).\n- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).\n- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).\n- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).\n- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).\n- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).\n- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).\n- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).\n- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).\n- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).\n- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).\n- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).\n- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).\n- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).\n- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).\n- CVE-2025-68363: bpf: Check skb-\u003etransport_header is set in bpf_skb_check_mtu (bsc#1255552).\n- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).\n- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).\n- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).\n- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).\n- CVE-2025-68379: RDMA/rxe: Fix null deref on srq-\u003erq.queue after resize failure (bsc#1255695).\n- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).\n- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).\n- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).\n- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).\n- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).\n- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).\n- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).\n- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).\n- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).\n- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).\n- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).\n- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).\n- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).\n- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).\n- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).\n- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).\n- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).\n- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).\n- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).\n- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).\n- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).\n- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).\n- CVE-2025-71080: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (bsc#1256608).\n- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).\n- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).\n- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).\n- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).\n- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).\n- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).\n- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).\n- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).\n- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).\n- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).\n- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).\n- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).\n- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).\n- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).\n- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).\n- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).\n- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).\n- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).\n- CVE-2025-71137: octeontx2-pf: fix \u0027UBSAN: shift-out-of-bounds error\u0027 (bsc#1256760).\n- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).\n- CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).\n- CVE-2025-71157: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (bsc#1257168).\n- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).\n- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).\n- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).\n- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).\n- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).\n- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).\n- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).\n- CVE-2026-22996: net/mlx5e: Don\u0027t store mlx5e_priv in mlx5e_dev devlink priv.\n- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).\n- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).\n- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).\n- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).\n- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).\n\nThe following non security issues were fixed:\n\n- ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes).\n- ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes).\n- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes).\n- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).\n- ALSA: usb: Increase volume range that triggers a warning (git-fixes).\n- ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes).\n- ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes).\n- ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes).\n- ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes).\n- ASoC: codecs: wsa884x: fix codec initialisation (git-fixes).\n- ASoC: fsl_sai: Add missing registers to cache default (stable-fixes).\n- ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes).\n- ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes).\n- ASoC: tlv320adcx140: fix null pointer (git-fixes).\n- ASoC: tlv320adcx140: fix word length (git-fixes).\n- ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes).\n- Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes).\n- Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes).\n- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).\n- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).\n- bs-upload-kernel: Fix cve branch uploads.\n- btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).\n- can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes).\n- can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes).\n- can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes).\n- can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes).\n- can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes).\n- can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes).\n- can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes).\n- can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes).\n- can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes).\n- cifs: add new field to track the last access time of cfid (git-fixes).\n- cifs: after disabling multichannel, mark tcon for reconnect (git-fixes).\n- cifs: avoid redundant calls to disable multichannel (git-fixes).\n- cifs: cifs_pick_channel should try selecting active channels (git-fixes).\n- cifs: deal with the channel loading lag while picking channels (git-fixes).\n- cifs: dns resolution is needed only for primary channel (git-fixes).\n- cifs: do not disable interface polling on failure (git-fixes).\n- cifs: do not search for channel if server is terminating (git-fixes).\n- cifs: fix a pending undercount of srv_count (git-fixes).\n- cifs: Fix copy offload to flush destination region (bsc#1252511).\n- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).\n- cifs: fix lock ordering while disabling multichannel (git-fixes).\n- cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes).\n- cifs: fix use after free for iface while disabling secondary channels (git-fixes).\n- cifs: handle servers that still advertise multichannel after disabling (git-fixes).\n- cifs: handle when server starts supporting multichannel (git-fixes).\n- cifs: handle when server stops supporting multichannel (git-fixes).\n- cifs: make cifs_chan_update_iface() a void function (git-fixes).\n- cifs: make sure server interfaces are requested only for SMB3+ (git-fixes).\n- cifs: make sure that channel scaling is done only once (git-fixes).\n- cifs: reconnect worker should take reference on server struct unconditionally (git-fixes).\n- cifs: reset connections for all channels when reconnect requested (git-fixes).\n- cifs: reset iface weights when we cannot find a candidate (git-fixes).\n- cifs: serialize other channels when query server interfaces is pending (git-fixes).\n- cifs: update dstaddr whenever channel iface is updated (git-fixes).\n- comedi: dmm32at: serialize use of paged registers (git-fixes).\n- comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes).\n- comedi: Fix getting range information for subdevices 16 to 255 (git-fixes).\n- cpuset: fix warning when disabling remote partition (bsc#1256794).\n- crypto: authencesn - reject too-short AAD (assoclen\u003c8) to match ESP/ESN spec (git-fixes).\n- dmaengine: apple-admac: Add \u0027apple,t8103-admac\u0027 compatible (git-fixes).\n- dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes).\n- dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes).\n- dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes).\n- dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes).\n- dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes).\n- dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes).\n- dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes).\n- dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes).\n- dmaengine: tegra-adma: Fix use-after-free (git-fixes).\n- dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes).\n- dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes).\n- dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes).\n- dmaengine: xilinx_dma: Fix uninitialized addr_width when \u0027xlnx,addrwidth\u0027 property is missing (git-fixes).\n- dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes).\n- dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes).\n- dpll: fix return value check for kmemdup (git-fixes).\n- dpll: indent DPLL option type by a tab (git-fixes).\n- dpll: Prevent duplicate registrations (git-fixes).\n- dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes).\n- drm/amd: Clean up kfd node on surprise disconnect (stable-fixes).\n- drm/amd/display: Apply e4479aecf658 to dml (stable-fixes).\n- drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes).\n- drm/amd/display: Fix DP no audio issue (stable-fixes).\n- drm/amd/display: Initialise backlight level values from hw (git-fixes).\n- drm/amd/display: Respect user\u0027s CONFIG_FRAME_WARN more for dml files (stable-fixes).\n- drm/amd/display: shrink struct members (stable-fixes).\n- drm/amd/pm: Don\u0027t clear SI SMC table when setting power limit (git-fixes).\n- drm/amd/pm: fix race in power state check before mutex lock (git-fixes).\n- drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2 (git-fixes).\n- drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes).\n- drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule() (git-fixes).\n- drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes).\n- drm/amdgpu: Fix query for VPE block_type and ip_count (stable-fixes).\n- drm/amdgpu: remove frame cntl for gfx v12 (stable-fixes).\n- drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes).\n- drm/amdkfd: Fix improper NULL termination of queue restore SMI event string (stable-fixes).\n- drm/imagination: Wait for FW trace update command completion (git-fixes).\n- drm/imx/tve: fix probe device leak (git-fixes).\n- drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).\n- drm/nouveau: add missing DCB connector types (git-fixes).\n- drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes).\n- drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit) (stable-fixes).\n- drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes).\n- drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes).\n- drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes).\n- drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes).\n- drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions (git-fixes).\n- exfat: check return value of sb_min_blocksize in exfat_read_boot_sector (git-fixes).\n- exfat: fix remount failure in different process environments (git-fixes).\n- gpio: omap: do not register driver in probe() (git-fixes).\n- gpio: pca953x: Add support for level-triggered interrupts (stable-fixes).\n- gpio: pca953x: fix wrong error probe return value (git-fixes).\n- gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes).\n- gpio: pca953x: Utilise dev_err_probe() where it makes sense (stable-fixes).\n- gpio: pca953x: Utilise temporary variable for struct device (stable-fixes).\n- gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes).\n- HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes).\n- ice: use netif_get_num_default_rss_queues() (bsc#1247712).\n- iio: accel: iis328dq: fix gain values (git-fixes).\n- iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes).\n- iio: adc: ad9467: fix ad9434 vref mask (git-fixes).\n- iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes).\n- iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes).\n- iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes).\n- Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes).\n- Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes).\n- intel_th: fix device leak on output open() (git-fixes).\n- leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes).\n- lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes).\n- mei: me: add nova lake point S DID (stable-fixes).\n- mei: me: add wildcat lake P DID (stable-fixes).\n- mISDN: annotate data-race around dev-\u003ework (git-fixes).\n- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087).\n- mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes).\n- mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes).\n- net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes).\n- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).\n- net: mana: Add metadata support for xdp mode (git-fixes).\n- net: mana: Add standard counter rx_missed_errors (git-fixes).\n- net: mana: Add support for auxiliary device servicing events (git-fixes).\n- net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690).\n- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).\n- net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).\n- net: mana: Fix use-after-free in reset service rescan path (git-fixes).\n- net: mana: Fix warnings for missing export.h header inclusion (git-fixes).\n- net: mana: Handle hardware recovery events when probing the device (git-fixes).\n- net: mana: Handle Reset Request from MANA NIC (git-fixes).\n- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).\n- net: mana: Handle unsupported HWC commands (git-fixes).\n- net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).\n- net: mana: Probe rdma device in mana driver (git-fixes).\n- net: mana: Reduce waiting time if HWC not responding (git-fixes).\n- net: tcp: allow zero-window ACK update the window (bsc#1254767).\n- net: usb: dm9601: remove broken SR9700 support (git-fixes).\n- net: wwan: t7xx: fix potential skb-\u003efrags overflow in RX path (git-fixes).\n- nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes).\n- nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes).\n- NFS: Fix up the automount fs_context to use the correct cred (git-fixes).\n- nfsd: Drop the client reference in client_states_open() (git-fixes).\n- NFSD: Fix permission check for read access to executable-only files (git-fixes).\n- NFSD: use correct reservation type in nfsd4_scsi_fence_client (git-fixes).\n- NFSD/blocklayout: Fix minlength check in proc_layoutget (git-fixes).\n- NFSv4: ensure the open stateid seqid doesn\u0027t go backwards (git-fixes).\n- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes).\n- nvmet-auth: update sc_c in host response (git-fixes).\n- nvmet-auth: update sc_c in target host hash calculation (git-fixes).\n- of: fix reference count leak in of_alias_scan() (git-fixes).\n- of: platform: Use default match table for /firmware (git-fixes).\n- phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes).\n- phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes).\n- phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes).\n- phy: stm32-usphyc: Fix off by one in probe() (git-fixes).\n- phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes).\n- platform/x86: hp-bioscfg: Fix automatic module loading (git-fixes).\n- platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro (git-fixes).\n- platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (git-fixes).\n- platform/x86/amd: Fix memory leak in wbrf_record() (git-fixes).\n- pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (git-fixes).\n- powercap: fix race condition in register_control_type() (stable-fixes).\n- powercap: fix sscanf() error return value handling (stable-fixes).\n- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).\n- RDMA/mana_ib: Access remote atomic for MRs (git-fixes).\n- RDMA/mana_ib: add additional port counters (git-fixes).\n- RDMA/mana_ib: Add device statistics support (git-fixes).\n- RDMA/mana_ib: Add port statistics support (git-fixes).\n- RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).\n- RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes).\n- RDMA/mana_ib: add support of multiple ports (git-fixes).\n- RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).\n- RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).\n- RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).\n- RDMA/mana_ib: create kernel-level CQs (git-fixes).\n- RDMA/mana_ib: create/destroy AH (git-fixes).\n- RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).\n- RDMA/mana_ib: extend mana QP table (git-fixes).\n- RDMA/mana_ib: Extend modify QP (git-fixes).\n- RDMA/mana_ib: Fix error code in probe() (git-fixes).\n- RDMA/mana_ib: Fix integer overflow during queue creation (git-fixes).\n- RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).\n- RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).\n- RDMA/mana_ib: Implement DMABUF MR support (git-fixes).\n- RDMA/mana_ib: implement get_dma_mr (git-fixes).\n- RDMA/mana_ib: implement req_notify_cq (git-fixes).\n- RDMA/mana_ib: indicate CM support (git-fixes).\n- RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes).\n- RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes).\n- RDMA/mana_ib: request error CQEs when supported (git-fixes).\n- RDMA/mana_ib: support of the zero based MRs (git-fixes).\n- RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes).\n- RDMA/mana_ib: UD/GSI work requests (git-fixes).\n- RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes).\n- RDMA/mana_ib: Use safer allocation function() (git-fixes).\n- regmap: Fix race condition in hwspinlock irqsave routine (git-fixes).\n- sched: Increase sched_tick_remote timeout (bsc#1254510).\n- sched/rt: Skip group schedulable check with rt_group_sched=0 (bsc#1256568).\n- scripts: obsapi: Support URL trailing / in oscrc.\n- scripts: teaapi: Add paging.\n- scripts: uploader: Fix no change condition for _maintainership.json.\n- scripts: uploader: Handle missing upstream in is_pr_open.\n- scripts/python/git_sort/git_sort.yaml: add cifs for-next repository.\n- scrits: teaapi: Add list_repos.\n- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).\n- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).\n- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).\n- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).\n- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).\n- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).\n- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).\n- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).\n- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).\n- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).\n- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).\n- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).\n- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).\n- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).\n- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).\n- selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).\n- selftests/bpf: Fix flaky bpf_cookie selftest (git-fixes).\n- serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes).\n- slimbus: core: fix device reference leak on report present (git-fixes).\n- slimbus: core: fix OF node leak on registration failure (git-fixes).\n- slimbus: core: fix of_slim_get_device() kernel doc (git-fixes).\n- slimbus: core: fix runtime PM imbalance on report present (git-fixes).\n- smb: change return type of cached_dir_lease_break() to bool (git-fixes).\n- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes).\n- smb: client: fix cifs_pick_channel when channel needs reconnect (git-fixes).\n- smb: client: fix warning when reconnecting channel (git-fixes).\n- smb: client: introduce close_cached_dir_locked() (git-fixes).\n- smb: client: remove unused fid_lock (git-fixes).\n- smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes).\n- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748).\n- smb: client: update cfid-\u003elast_access_time in open_cached_dir_by_dentry() (git-fixes).\n- smb: improve directory cache reuse for readdir operations (bsc#1252712).\n- smb3: add missing null server pointer check (git-fixes).\n- spi: spi-sprd-adi: Fix double free in probe error path (git-fixes).\n- spi: sprd-adi: switch to use spi_alloc_host() (stable-fixes).\n- spi: sprd: adi: Use devm_register_restart_handler() (stable-fixes).\n- svcrdma: return 0 on success from svc_rdma_copy_inline_range (git-fixes).\n- uacce: ensure safe queue release with state management (git-fixes).\n- uacce: fix cdev handling in the cleanup path (git-fixes).\n- uacce: fix isolate sysfs check condition (git-fixes).\n- uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes).\n- usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes).\n- usb: dwc3: Check for USB4 IP_NAME (stable-fixes).\n- USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes).\n- USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes).\n- USB: serial: option: add Telit LE910 MBIM composition (stable-fixes).\n- usbnet: limit max_mtu based on device\u0027s hard_mtu (git-fixes).\n- w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes).\n- w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes).\n- wifi: ath10k: fix dma_free_coherent() pointer (git-fixes).\n- wifi: ath12k: fix dma_free_coherent() pointer (git-fixes).\n- wifi: mac80211: correctly decode TTLM with default link map (git-fixes).\n- wifi: mac80211: don\u0027t perform DA check on S1G beacon (git-fixes).\n- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).\n- wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes).\n- x86: make page fault handling disable interrupts properly (git-fixes).\n- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).\n- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).\n- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).\n- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).\n- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).\n- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).\n- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528).\n- x86/microcode/AMD: Fix __apply_microcode_amd()\u0027s return value (bsc#1256528).\n- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).\n- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).\n- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).\n- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-447,SUSE-SLE-Module-Basesystem-15-SP7-2026-447,SUSE-SLE-Module-Development-Tools-15-SP7-2026-447,SUSE-SLE-Module-Legacy-15-SP7-2026-447,SUSE-SLE-Module-Live-Patching-15-SP7-2026-447,SUSE-SLE-Product-HA-15-SP7-2026-447,SUSE-SLE-Product-WE-15-SP7-2026-447",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0447-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0447-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260447-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0447-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024124.html"
},
{
"category": "self",
"summary": "SUSE Bug 1205462",
"url": "https://bugzilla.suse.com/1205462"
},
{
"category": "self",
"summary": "SUSE Bug 1214285",
"url": "https://bugzilla.suse.com/1214285"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1223800",
"url": "https://bugzilla.suse.com/1223800"
},
{
"category": "self",
"summary": "SUSE Bug 1228490",
"url": "https://bugzilla.suse.com/1228490"
},
{
"category": "self",
"summary": "SUSE Bug 1233563",
"url": "https://bugzilla.suse.com/1233563"
},
{
"category": "self",
"summary": "SUSE Bug 1234842",
"url": "https://bugzilla.suse.com/1234842"
},
{
"category": "self",
"summary": "SUSE Bug 1235566",
"url": "https://bugzilla.suse.com/1235566"
},
{
"category": "self",
"summary": "SUSE Bug 1241437",
"url": "https://bugzilla.suse.com/1241437"
},
{
"category": "self",
"summary": "SUSE Bug 1242505",
"url": "https://bugzilla.suse.com/1242505"
},
{
"category": "self",
"summary": "SUSE Bug 1242909",
"url": "https://bugzilla.suse.com/1242909"
},
{
"category": "self",
"summary": "SUSE Bug 1243662",
"url": "https://bugzilla.suse.com/1243662"
},
{
"category": "self",
"summary": "SUSE Bug 1243677",
"url": "https://bugzilla.suse.com/1243677"
},
{
"category": "self",
"summary": "SUSE Bug 1243678",
"url": "https://bugzilla.suse.com/1243678"
},
{
"category": "self",
"summary": "SUSE Bug 1245538",
"url": "https://bugzilla.suse.com/1245538"
},
{
"category": "self",
"summary": "SUSE Bug 1246022",
"url": "https://bugzilla.suse.com/1246022"
},
{
"category": "self",
"summary": "SUSE Bug 1246184",
"url": "https://bugzilla.suse.com/1246184"
},
{
"category": "self",
"summary": "SUSE Bug 1246447",
"url": "https://bugzilla.suse.com/1246447"
},
{
"category": "self",
"summary": "SUSE Bug 1247030",
"url": "https://bugzilla.suse.com/1247030"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1248211",
"url": "https://bugzilla.suse.com/1248211"
},
{
"category": "self",
"summary": "SUSE Bug 1249307",
"url": "https://bugzilla.suse.com/1249307"
},
{
"category": "self",
"summary": "SUSE Bug 1249904",
"url": "https://bugzilla.suse.com/1249904"
},
{
"category": "self",
"summary": "SUSE Bug 1250032",
"url": "https://bugzilla.suse.com/1250032"
},
{
"category": "self",
"summary": "SUSE Bug 1250082",
"url": "https://bugzilla.suse.com/1250082"
},
{
"category": "self",
"summary": "SUSE Bug 1250388",
"url": "https://bugzilla.suse.com/1250388"
},
{
"category": "self",
"summary": "SUSE Bug 1250705",
"url": "https://bugzilla.suse.com/1250705"
},
{
"category": "self",
"summary": "SUSE Bug 1250748",
"url": "https://bugzilla.suse.com/1250748"
},
{
"category": "self",
"summary": "SUSE Bug 1252511",
"url": "https://bugzilla.suse.com/1252511"
},
{
"category": "self",
"summary": "SUSE Bug 1252712",
"url": "https://bugzilla.suse.com/1252712"
},
{
"category": "self",
"summary": "SUSE Bug 1252891",
"url": "https://bugzilla.suse.com/1252891"
},
{
"category": "self",
"summary": "SUSE Bug 1252900",
"url": "https://bugzilla.suse.com/1252900"
},
{
"category": "self",
"summary": "SUSE Bug 1253087",
"url": "https://bugzilla.suse.com/1253087"
},
{
"category": "self",
"summary": "SUSE Bug 1253330",
"url": "https://bugzilla.suse.com/1253330"
},
{
"category": "self",
"summary": "SUSE Bug 1253340",
"url": "https://bugzilla.suse.com/1253340"
},
{
"category": "self",
"summary": "SUSE Bug 1253348",
"url": "https://bugzilla.suse.com/1253348"
},
{
"category": "self",
"summary": "SUSE Bug 1253433",
"url": "https://bugzilla.suse.com/1253433"
},
{
"category": "self",
"summary": "SUSE Bug 1253443",
"url": "https://bugzilla.suse.com/1253443"
},
{
"category": "self",
"summary": "SUSE Bug 1253451",
"url": "https://bugzilla.suse.com/1253451"
},
{
"category": "self",
"summary": "SUSE Bug 1253471",
"url": "https://bugzilla.suse.com/1253471"
},
{
"category": "self",
"summary": "SUSE Bug 1253739",
"url": "https://bugzilla.suse.com/1253739"
},
{
"category": "self",
"summary": "SUSE Bug 1254244",
"url": "https://bugzilla.suse.com/1254244"
},
{
"category": "self",
"summary": "SUSE Bug 1254447",
"url": "https://bugzilla.suse.com/1254447"
},
{
"category": "self",
"summary": "SUSE Bug 1254465",
"url": "https://bugzilla.suse.com/1254465"
},
{
"category": "self",
"summary": "SUSE Bug 1254510",
"url": "https://bugzilla.suse.com/1254510"
},
{
"category": "self",
"summary": "SUSE Bug 1254624",
"url": "https://bugzilla.suse.com/1254624"
},
{
"category": "self",
"summary": "SUSE Bug 1254767",
"url": "https://bugzilla.suse.com/1254767"
},
{
"category": "self",
"summary": "SUSE Bug 1254835",
"url": "https://bugzilla.suse.com/1254835"
},
{
"category": "self",
"summary": "SUSE Bug 1254839",
"url": "https://bugzilla.suse.com/1254839"
},
{
"category": "self",
"summary": "SUSE Bug 1254842",
"url": "https://bugzilla.suse.com/1254842"
},
{
"category": "self",
"summary": "SUSE Bug 1254845",
"url": "https://bugzilla.suse.com/1254845"
},
{
"category": "self",
"summary": "SUSE Bug 1254852",
"url": "https://bugzilla.suse.com/1254852"
},
{
"category": "self",
"summary": "SUSE Bug 1254871",
"url": "https://bugzilla.suse.com/1254871"
},
{
"category": "self",
"summary": "SUSE Bug 1255102",
"url": "https://bugzilla.suse.com/1255102"
},
{
"category": "self",
"summary": "SUSE Bug 1255120",
"url": "https://bugzilla.suse.com/1255120"
},
{
"category": "self",
"summary": "SUSE Bug 1255128",
"url": "https://bugzilla.suse.com/1255128"
},
{
"category": "self",
"summary": "SUSE Bug 1255138",
"url": "https://bugzilla.suse.com/1255138"
},
{
"category": "self",
"summary": "SUSE Bug 1255140",
"url": "https://bugzilla.suse.com/1255140"
},
{
"category": "self",
"summary": "SUSE Bug 1255157",
"url": "https://bugzilla.suse.com/1255157"
},
{
"category": "self",
"summary": "SUSE Bug 1255164",
"url": "https://bugzilla.suse.com/1255164"
},
{
"category": "self",
"summary": "SUSE Bug 1255172",
"url": "https://bugzilla.suse.com/1255172"
},
{
"category": "self",
"summary": "SUSE Bug 1255216",
"url": "https://bugzilla.suse.com/1255216"
},
{
"category": "self",
"summary": "SUSE Bug 1255226",
"url": "https://bugzilla.suse.com/1255226"
},
{
"category": "self",
"summary": "SUSE Bug 1255241",
"url": "https://bugzilla.suse.com/1255241"
},
{
"category": "self",
"summary": "SUSE Bug 1255255",
"url": "https://bugzilla.suse.com/1255255"
},
{
"category": "self",
"summary": "SUSE Bug 1255260",
"url": "https://bugzilla.suse.com/1255260"
},
{
"category": "self",
"summary": "SUSE Bug 1255261",
"url": "https://bugzilla.suse.com/1255261"
},
{
"category": "self",
"summary": "SUSE Bug 1255266",
"url": "https://bugzilla.suse.com/1255266"
},
{
"category": "self",
"summary": "SUSE Bug 1255268",
"url": "https://bugzilla.suse.com/1255268"
},
{
"category": "self",
"summary": "SUSE Bug 1255269",
"url": "https://bugzilla.suse.com/1255269"
},
{
"category": "self",
"summary": "SUSE Bug 1255327",
"url": "https://bugzilla.suse.com/1255327"
},
{
"category": "self",
"summary": "SUSE Bug 1255346",
"url": "https://bugzilla.suse.com/1255346"
},
{
"category": "self",
"summary": "SUSE Bug 1255377",
"url": "https://bugzilla.suse.com/1255377"
},
{
"category": "self",
"summary": "SUSE Bug 1255401",
"url": "https://bugzilla.suse.com/1255401"
},
{
"category": "self",
"summary": "SUSE Bug 1255403",
"url": "https://bugzilla.suse.com/1255403"
},
{
"category": "self",
"summary": "SUSE Bug 1255417",
"url": "https://bugzilla.suse.com/1255417"
},
{
"category": "self",
"summary": "SUSE Bug 1255482",
"url": "https://bugzilla.suse.com/1255482"
},
{
"category": "self",
"summary": "SUSE Bug 1255488",
"url": "https://bugzilla.suse.com/1255488"
},
{
"category": "self",
"summary": "SUSE Bug 1255537",
"url": "https://bugzilla.suse.com/1255537"
},
{
"category": "self",
"summary": "SUSE Bug 1255539",
"url": "https://bugzilla.suse.com/1255539"
},
{
"category": "self",
"summary": "SUSE Bug 1255544",
"url": "https://bugzilla.suse.com/1255544"
},
{
"category": "self",
"summary": "SUSE Bug 1255547",
"url": "https://bugzilla.suse.com/1255547"
},
{
"category": "self",
"summary": "SUSE Bug 1255548",
"url": "https://bugzilla.suse.com/1255548"
},
{
"category": "self",
"summary": "SUSE Bug 1255552",
"url": "https://bugzilla.suse.com/1255552"
},
{
"category": "self",
"summary": "SUSE Bug 1255568",
"url": "https://bugzilla.suse.com/1255568"
},
{
"category": "self",
"summary": "SUSE Bug 1255569",
"url": "https://bugzilla.suse.com/1255569"
},
{
"category": "self",
"summary": "SUSE Bug 1255615",
"url": "https://bugzilla.suse.com/1255615"
},
{
"category": "self",
"summary": "SUSE Bug 1255622",
"url": "https://bugzilla.suse.com/1255622"
},
{
"category": "self",
"summary": "SUSE Bug 1255695",
"url": "https://bugzilla.suse.com/1255695"
},
{
"category": "self",
"summary": "SUSE Bug 1255930",
"url": "https://bugzilla.suse.com/1255930"
},
{
"category": "self",
"summary": "SUSE Bug 1256280",
"url": "https://bugzilla.suse.com/1256280"
},
{
"category": "self",
"summary": "SUSE Bug 1256528",
"url": "https://bugzilla.suse.com/1256528"
},
{
"category": "self",
"summary": "SUSE Bug 1256568",
"url": "https://bugzilla.suse.com/1256568"
},
{
"category": "self",
"summary": "SUSE Bug 1256579",
"url": "https://bugzilla.suse.com/1256579"
},
{
"category": "self",
"summary": "SUSE Bug 1256582",
"url": "https://bugzilla.suse.com/1256582"
},
{
"category": "self",
"summary": "SUSE Bug 1256584",
"url": "https://bugzilla.suse.com/1256584"
},
{
"category": "self",
"summary": "SUSE Bug 1256586",
"url": "https://bugzilla.suse.com/1256586"
},
{
"category": "self",
"summary": "SUSE Bug 1256591",
"url": "https://bugzilla.suse.com/1256591"
},
{
"category": "self",
"summary": "SUSE Bug 1256592",
"url": "https://bugzilla.suse.com/1256592"
},
{
"category": "self",
"summary": "SUSE Bug 1256593",
"url": "https://bugzilla.suse.com/1256593"
},
{
"category": "self",
"summary": "SUSE Bug 1256594",
"url": "https://bugzilla.suse.com/1256594"
},
{
"category": "self",
"summary": "SUSE Bug 1256597",
"url": "https://bugzilla.suse.com/1256597"
},
{
"category": "self",
"summary": "SUSE Bug 1256605",
"url": "https://bugzilla.suse.com/1256605"
},
{
"category": "self",
"summary": "SUSE Bug 1256606",
"url": "https://bugzilla.suse.com/1256606"
},
{
"category": "self",
"summary": "SUSE Bug 1256607",
"url": "https://bugzilla.suse.com/1256607"
},
{
"category": "self",
"summary": "SUSE Bug 1256608",
"url": "https://bugzilla.suse.com/1256608"
},
{
"category": "self",
"summary": "SUSE Bug 1256609",
"url": "https://bugzilla.suse.com/1256609"
},
{
"category": "self",
"summary": "SUSE Bug 1256610",
"url": "https://bugzilla.suse.com/1256610"
},
{
"category": "self",
"summary": "SUSE Bug 1256611",
"url": "https://bugzilla.suse.com/1256611"
},
{
"category": "self",
"summary": "SUSE Bug 1256612",
"url": "https://bugzilla.suse.com/1256612"
},
{
"category": "self",
"summary": "SUSE Bug 1256613",
"url": "https://bugzilla.suse.com/1256613"
},
{
"category": "self",
"summary": "SUSE Bug 1256616",
"url": "https://bugzilla.suse.com/1256616"
},
{
"category": "self",
"summary": "SUSE Bug 1256617",
"url": "https://bugzilla.suse.com/1256617"
},
{
"category": "self",
"summary": "SUSE Bug 1256619",
"url": "https://bugzilla.suse.com/1256619"
},
{
"category": "self",
"summary": "SUSE Bug 1256622",
"url": "https://bugzilla.suse.com/1256622"
},
{
"category": "self",
"summary": "SUSE Bug 1256623",
"url": "https://bugzilla.suse.com/1256623"
},
{
"category": "self",
"summary": "SUSE Bug 1256625",
"url": "https://bugzilla.suse.com/1256625"
},
{
"category": "self",
"summary": "SUSE Bug 1256627",
"url": "https://bugzilla.suse.com/1256627"
},
{
"category": "self",
"summary": "SUSE Bug 1256628",
"url": "https://bugzilla.suse.com/1256628"
},
{
"category": "self",
"summary": "SUSE Bug 1256630",
"url": "https://bugzilla.suse.com/1256630"
},
{
"category": "self",
"summary": "SUSE Bug 1256638",
"url": "https://bugzilla.suse.com/1256638"
},
{
"category": "self",
"summary": "SUSE Bug 1256641",
"url": "https://bugzilla.suse.com/1256641"
},
{
"category": "self",
"summary": "SUSE Bug 1256645",
"url": "https://bugzilla.suse.com/1256645"
},
{
"category": "self",
"summary": "SUSE Bug 1256646",
"url": "https://bugzilla.suse.com/1256646"
},
{
"category": "self",
"summary": "SUSE Bug 1256650",
"url": "https://bugzilla.suse.com/1256650"
},
{
"category": "self",
"summary": "SUSE Bug 1256651",
"url": "https://bugzilla.suse.com/1256651"
},
{
"category": "self",
"summary": "SUSE Bug 1256653",
"url": "https://bugzilla.suse.com/1256653"
},
{
"category": "self",
"summary": "SUSE Bug 1256654",
"url": "https://bugzilla.suse.com/1256654"
},
{
"category": "self",
"summary": "SUSE Bug 1256655",
"url": "https://bugzilla.suse.com/1256655"
},
{
"category": "self",
"summary": "SUSE Bug 1256659",
"url": "https://bugzilla.suse.com/1256659"
},
{
"category": "self",
"summary": "SUSE Bug 1256660",
"url": "https://bugzilla.suse.com/1256660"
},
{
"category": "self",
"summary": "SUSE Bug 1256661",
"url": "https://bugzilla.suse.com/1256661"
},
{
"category": "self",
"summary": "SUSE Bug 1256664",
"url": "https://bugzilla.suse.com/1256664"
},
{
"category": "self",
"summary": "SUSE Bug 1256665",
"url": "https://bugzilla.suse.com/1256665"
},
{
"category": "self",
"summary": "SUSE Bug 1256674",
"url": "https://bugzilla.suse.com/1256674"
},
{
"category": "self",
"summary": "SUSE Bug 1256680",
"url": "https://bugzilla.suse.com/1256680"
},
{
"category": "self",
"summary": "SUSE Bug 1256682",
"url": "https://bugzilla.suse.com/1256682"
},
{
"category": "self",
"summary": "SUSE Bug 1256688",
"url": "https://bugzilla.suse.com/1256688"
},
{
"category": "self",
"summary": "SUSE Bug 1256689",
"url": "https://bugzilla.suse.com/1256689"
},
{
"category": "self",
"summary": "SUSE Bug 1256690",
"url": "https://bugzilla.suse.com/1256690"
},
{
"category": "self",
"summary": "SUSE Bug 1256726",
"url": "https://bugzilla.suse.com/1256726"
},
{
"category": "self",
"summary": "SUSE Bug 1256728",
"url": "https://bugzilla.suse.com/1256728"
},
{
"category": "self",
"summary": "SUSE Bug 1256730",
"url": "https://bugzilla.suse.com/1256730"
},
{
"category": "self",
"summary": "SUSE Bug 1256733",
"url": "https://bugzilla.suse.com/1256733"
},
{
"category": "self",
"summary": "SUSE Bug 1256737",
"url": "https://bugzilla.suse.com/1256737"
},
{
"category": "self",
"summary": "SUSE Bug 1256741",
"url": "https://bugzilla.suse.com/1256741"
},
{
"category": "self",
"summary": "SUSE Bug 1256742",
"url": "https://bugzilla.suse.com/1256742"
},
{
"category": "self",
"summary": "SUSE Bug 1256744",
"url": "https://bugzilla.suse.com/1256744"
},
{
"category": "self",
"summary": "SUSE Bug 1256748",
"url": "https://bugzilla.suse.com/1256748"
},
{
"category": "self",
"summary": "SUSE Bug 1256749",
"url": "https://bugzilla.suse.com/1256749"
},
{
"category": "self",
"summary": "SUSE Bug 1256752",
"url": "https://bugzilla.suse.com/1256752"
},
{
"category": "self",
"summary": "SUSE Bug 1256754",
"url": "https://bugzilla.suse.com/1256754"
},
{
"category": "self",
"summary": "SUSE Bug 1256756",
"url": "https://bugzilla.suse.com/1256756"
},
{
"category": "self",
"summary": "SUSE Bug 1256757",
"url": "https://bugzilla.suse.com/1256757"
},
{
"category": "self",
"summary": "SUSE Bug 1256759",
"url": "https://bugzilla.suse.com/1256759"
},
{
"category": "self",
"summary": "SUSE Bug 1256760",
"url": "https://bugzilla.suse.com/1256760"
},
{
"category": "self",
"summary": "SUSE Bug 1256761",
"url": "https://bugzilla.suse.com/1256761"
},
{
"category": "self",
"summary": "SUSE Bug 1256763",
"url": "https://bugzilla.suse.com/1256763"
},
{
"category": "self",
"summary": "SUSE Bug 1256770",
"url": "https://bugzilla.suse.com/1256770"
},
{
"category": "self",
"summary": "SUSE Bug 1256773",
"url": "https://bugzilla.suse.com/1256773"
},
{
"category": "self",
"summary": "SUSE Bug 1256774",
"url": "https://bugzilla.suse.com/1256774"
},
{
"category": "self",
"summary": "SUSE Bug 1256777",
"url": "https://bugzilla.suse.com/1256777"
},
{
"category": "self",
"summary": "SUSE Bug 1256779",
"url": "https://bugzilla.suse.com/1256779"
},
{
"category": "self",
"summary": "SUSE Bug 1256781",
"url": "https://bugzilla.suse.com/1256781"
},
{
"category": "self",
"summary": "SUSE Bug 1256785",
"url": "https://bugzilla.suse.com/1256785"
},
{
"category": "self",
"summary": "SUSE Bug 1256792",
"url": "https://bugzilla.suse.com/1256792"
},
{
"category": "self",
"summary": "SUSE Bug 1256794",
"url": "https://bugzilla.suse.com/1256794"
},
{
"category": "self",
"summary": "SUSE Bug 1256861",
"url": "https://bugzilla.suse.com/1256861"
},
{
"category": "self",
"summary": "SUSE Bug 1256863",
"url": "https://bugzilla.suse.com/1256863"
},
{
"category": "self",
"summary": "SUSE Bug 1257035",
"url": "https://bugzilla.suse.com/1257035"
},
{
"category": "self",
"summary": "SUSE Bug 1257053",
"url": "https://bugzilla.suse.com/1257053"
},
{
"category": "self",
"summary": "SUSE Bug 1257154",
"url": "https://bugzilla.suse.com/1257154"
},
{
"category": "self",
"summary": "SUSE Bug 1257155",
"url": "https://bugzilla.suse.com/1257155"
},
{
"category": "self",
"summary": "SUSE Bug 1257158",
"url": "https://bugzilla.suse.com/1257158"
},
{
"category": "self",
"summary": "SUSE Bug 1257163",
"url": "https://bugzilla.suse.com/1257163"
},
{
"category": "self",
"summary": "SUSE Bug 1257164",
"url": "https://bugzilla.suse.com/1257164"
},
{
"category": "self",
"summary": "SUSE Bug 1257167",
"url": "https://bugzilla.suse.com/1257167"
},
{
"category": "self",
"summary": "SUSE Bug 1257168",
"url": "https://bugzilla.suse.com/1257168"
},
{
"category": "self",
"summary": "SUSE Bug 1257180",
"url": "https://bugzilla.suse.com/1257180"
},
{
"category": "self",
"summary": "SUSE Bug 1257202",
"url": "https://bugzilla.suse.com/1257202"
},
{
"category": "self",
"summary": "SUSE Bug 1257204",
"url": "https://bugzilla.suse.com/1257204"
},
{
"category": "self",
"summary": "SUSE Bug 1257207",
"url": "https://bugzilla.suse.com/1257207"
},
{
"category": "self",
"summary": "SUSE Bug 1257208",
"url": "https://bugzilla.suse.com/1257208"
},
{
"category": "self",
"summary": "SUSE Bug 1257215",
"url": "https://bugzilla.suse.com/1257215"
},
{
"category": "self",
"summary": "SUSE Bug 1257217",
"url": "https://bugzilla.suse.com/1257217"
},
{
"category": "self",
"summary": "SUSE Bug 1257218",
"url": "https://bugzilla.suse.com/1257218"
},
{
"category": "self",
"summary": "SUSE Bug 1257220",
"url": "https://bugzilla.suse.com/1257220"
},
{
"category": "self",
"summary": "SUSE Bug 1257221",
"url": "https://bugzilla.suse.com/1257221"
},
{
"category": "self",
"summary": "SUSE Bug 1257227",
"url": "https://bugzilla.suse.com/1257227"
},
{
"category": "self",
"summary": "SUSE Bug 1257232",
"url": "https://bugzilla.suse.com/1257232"
},
{
"category": "self",
"summary": "SUSE Bug 1257234",
"url": "https://bugzilla.suse.com/1257234"
},
{
"category": "self",
"summary": "SUSE Bug 1257236",
"url": "https://bugzilla.suse.com/1257236"
},
{
"category": "self",
"summary": "SUSE Bug 1257245",
"url": "https://bugzilla.suse.com/1257245"
},
{
"category": "self",
"summary": "SUSE Bug 1257277",
"url": "https://bugzilla.suse.com/1257277"
},
{
"category": "self",
"summary": "SUSE Bug 1257282",
"url": "https://bugzilla.suse.com/1257282"
},
{
"category": "self",
"summary": "SUSE Bug 1257296",
"url": "https://bugzilla.suse.com/1257296"
},
{
"category": "self",
"summary": "SUSE Bug 1257473",
"url": "https://bugzilla.suse.com/1257473"
},
{
"category": "self",
"summary": "SUSE Bug 1257603",
"url": "https://bugzilla.suse.com/1257603"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53714 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-54013 page",
"url": "https://www.suse.com/security/cve/CVE-2023-54013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42103 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53070 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56721 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22047 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38209 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38243 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38322 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38322/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38379 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38539 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39880 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40106 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40132 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40166 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40177 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40202 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40238 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40254 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40257 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40259 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40261 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40264 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40328 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40350 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40355 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40363 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68171 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68174 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68178 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68188 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68200 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68215 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68227 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68241 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68254 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68256 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68256/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68261 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68284 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68285 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68296 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68297 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68301 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68320 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68327 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68337 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68349 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68363 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68365 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68366 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68366/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68367 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68372 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68379 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68777 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68783 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68802 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68808 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71076 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71077 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71081 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71082 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71084 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71087 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71091 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71094 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71096 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71098 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71099 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71100 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71101 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71112 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71114 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71116 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71118 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71123 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71130 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71132 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71135 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71137 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71143 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71154 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71162 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71163 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22976 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22977 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22978 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22985 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22988 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22990 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22991 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22992 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22993 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22996 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22997 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22999 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23000 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23001 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23006 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23011 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23011/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-02-11T14:05:07Z",
"generator": {
"date": "2026-02-11T14:05:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0447-1",
"initial_release_date": "2026-02-11T14:05:07Z",
"revision_history": [
{
"date": "2026-02-11T14:05:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-altera-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-amd-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-apm-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-apple-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-arm-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-lg-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150700.53.31.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-64kb-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-default-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"product_id": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-default-extra-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-default-optional-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.31.1.aarch64",
"product_id": "kernel-syms-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.31.1.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150700.53.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150700.53.31.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-150700.53.31.1.noarch",
"product_id": "kernel-devel-6.4.0-150700.53.31.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150700.53.31.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150700.53.31.1.noarch",
"product_id": "kernel-docs-6.4.0-150700.53.31.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150700.53.31.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150700.53.31.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150700.53.31.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150700.53.31.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-150700.53.31.1.noarch",
"product_id": "kernel-macros-6.4.0-150700.53.31.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150700.53.31.1.noarch",
"product": {
"name": "kernel-source-6.4.0-150700.53.31.1.noarch",
"product_id": "kernel-source-6.4.0-150700.53.31.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150700.53.31.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150700.53.31.1.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150700.53.31.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-default-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"product_id": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"product_id": "dlm-kmp-default-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-default-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-default-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-default-devel-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-default-extra-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-default-optional-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-syms-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-default-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"product_id": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.31.1.150700.17.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-default-optional-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.31.1.x86_64",
"product_id": "kernel-syms-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150700.53.31.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150700.53.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150700.53.31.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150700.53.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150700.53.31.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150700.53.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150700.53.31.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150700.53.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150700.53.31.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150700.53.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/stm: ltdc: fix late dereference check\n\nIn ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a\ncontainer_of() before the pointer check. This could cause a kernel panic.\n\nFix this smatch warning:\ndrivers/gpu/drm/stm/ltdc.c:1124 ltdc_crtc_set_crc_source() warn: variable dereferenced before check \u0027crtc\u0027 (see line 1119)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53714",
"url": "https://www.suse.com/security/cve/CVE-2023-53714"
},
{
"category": "external",
"summary": "SUSE Bug 1254465 for CVE-2023-53714",
"url": "https://bugzilla.suse.com/1254465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-53714"
},
{
"cve": "CVE-2023-54013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-54013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: Fix locking for runpm vs reclaim\n\nFor cases where icc_bw_set() can be called in callbaths that could\ndeadlock against shrinker/reclaim, such as runpm resume, we need to\ndecouple the icc locking. Introduce a new icc_bw_lock for cases where\nwe need to serialize bw aggregation and update to decouple that from\npaths that require memory allocation such as node/link creation/\ndestruction.\n\nFixes this lockdep splat:\n\n ======================================================\n WARNING: possible circular locking dependency detected\n 6.2.0-rc8-debug+ #554 Not tainted\n ------------------------------------------------------\n ring0/132 is trying to acquire lock:\n ffffff80871916d0 (\u0026gmu-\u003elock){+.+.}-{3:3}, at: a6xx_pm_resume+0xf0/0x234\n\n but task is already holding lock:\n ffffffdb5aee57e8 (dma_fence_map){++++}-{0:0}, at: msm_job_run+0x68/0x150\n\n which lock already depends on the new lock.\n\n the existing dependency chain (in reverse order) is:\n\n -\u003e #4 (dma_fence_map){++++}-{0:0}:\n __dma_fence_might_wait+0x74/0xc0\n dma_resv_lockdep+0x1f4/0x2f4\n do_one_initcall+0x104/0x2bc\n kernel_init_freeable+0x344/0x34c\n kernel_init+0x30/0x134\n ret_from_fork+0x10/0x20\n\n -\u003e #3 (mmu_notifier_invalidate_range_start){+.+.}-{0:0}:\n fs_reclaim_acquire+0x80/0xa8\n slab_pre_alloc_hook.constprop.0+0x40/0x25c\n __kmem_cache_alloc_node+0x60/0x1cc\n __kmalloc+0xd8/0x100\n topology_parse_cpu_capacity+0x8c/0x178\n get_cpu_for_node+0x88/0xc4\n parse_cluster+0x1b0/0x28c\n parse_cluster+0x8c/0x28c\n init_cpu_topology+0x168/0x188\n smp_prepare_cpus+0x24/0xf8\n kernel_init_freeable+0x18c/0x34c\n kernel_init+0x30/0x134\n ret_from_fork+0x10/0x20\n\n -\u003e #2 (fs_reclaim){+.+.}-{0:0}:\n __fs_reclaim_acquire+0x3c/0x48\n fs_reclaim_acquire+0x54/0xa8\n slab_pre_alloc_hook.constprop.0+0x40/0x25c\n __kmem_cache_alloc_node+0x60/0x1cc\n __kmalloc+0xd8/0x100\n kzalloc.constprop.0+0x14/0x20\n icc_node_create_nolock+0x4c/0xc4\n icc_node_create+0x38/0x58\n qcom_icc_rpmh_probe+0x1b8/0x248\n platform_probe+0x70/0xc4\n really_probe+0x158/0x290\n __driver_probe_device+0xc8/0xe0\n driver_probe_device+0x44/0x100\n __driver_attach+0xf8/0x108\n bus_for_each_dev+0x78/0xc4\n driver_attach+0x2c/0x38\n bus_add_driver+0xd0/0x1d8\n driver_register+0xbc/0xf8\n __platform_driver_register+0x30/0x3c\n qnoc_driver_init+0x24/0x30\n do_one_initcall+0x104/0x2bc\n kernel_init_freeable+0x344/0x34c\n kernel_init+0x30/0x134\n ret_from_fork+0x10/0x20\n\n -\u003e #1 (icc_lock){+.+.}-{3:3}:\n __mutex_lock+0xcc/0x3c8\n mutex_lock_nested+0x30/0x44\n icc_set_bw+0x88/0x2b4\n _set_opp_bw+0x8c/0xd8\n _set_opp+0x19c/0x300\n dev_pm_opp_set_opp+0x84/0x94\n a6xx_gmu_resume+0x18c/0x804\n a6xx_pm_resume+0xf8/0x234\n adreno_runtime_resume+0x2c/0x38\n pm_generic_runtime_resume+0x30/0x44\n __rpm_callback+0x15c/0x174\n rpm_callback+0x78/0x7c\n rpm_resume+0x318/0x524\n __pm_runtime_resume+0x78/0xbc\n adreno_load_gpu+0xc4/0x17c\n msm_open+0x50/0x120\n drm_file_alloc+0x17c/0x228\n drm_open_helper+0x74/0x118\n drm_open+0xa0/0x144\n drm_stub_open+0xd4/0xe4\n chrdev_open+0x1b8/0x1e4\n do_dentry_open+0x2f8/0x38c\n vfs_open+0x34/0x40\n path_openat+0x64c/0x7b4\n do_filp_open+0x54/0xc4\n do_sys_openat2+0x9c/0x100\n do_sys_open+0x50/0x7c\n __arm64_sys_openat+0x28/0x34\n invoke_syscall+0x8c/0x128\n el0_svc_common.constprop.0+0xa0/0x11c\n do_el0_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-54013",
"url": "https://www.suse.com/security/cve/CVE-2023-54013"
},
{
"category": "external",
"summary": "SUSE Bug 1256280 for CVE-2023-54013",
"url": "https://bugzilla.suse.com/1256280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-54013"
},
{
"cve": "CVE-2024-27005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: Don\u0027t access req_list while it\u0027s being manipulated\n\nThe icc_lock mutex was split into separate icc_lock and icc_bw_lock\nmutexes in [1] to avoid lockdep splats. However, this didn\u0027t adequately\nprotect access to icc_node::req_list.\n\nThe icc_set_bw() function will eventually iterate over req_list while\nonly holding icc_bw_lock, but req_list can be modified while only\nholding icc_lock. This causes races between icc_set_bw(), of_icc_get(),\nand icc_put().\n\nExample A:\n\n CPU0 CPU1\n ---- ----\n icc_set_bw(path_a)\n mutex_lock(\u0026icc_bw_lock);\n icc_put(path_b)\n mutex_lock(\u0026icc_lock);\n aggregate_requests()\n hlist_for_each_entry(r, ...\n hlist_del(...\n \u003cr = invalid pointer\u003e\n\nExample B:\n\n CPU0 CPU1\n ---- ----\n icc_set_bw(path_a)\n mutex_lock(\u0026icc_bw_lock);\n path_b = of_icc_get()\n of_icc_get_by_index()\n mutex_lock(\u0026icc_lock);\n path_find()\n path_init()\n aggregate_requests()\n hlist_for_each_entry(r, ...\n hlist_add_head(...\n \u003cr = invalid pointer\u003e\n\nFix this by ensuring icc_bw_lock is always held before manipulating\nicc_node::req_list. The additional places icc_bw_lock is held don\u0027t\nperform any memory allocations, so we should still be safe from the\noriginal lockdep splats that motivated the separate locks.\n\n[1] commit af42269c3523 (\"interconnect: Fix locking for runpm vs reclaim\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27005",
"url": "https://www.suse.com/security/cve/CVE-2024-27005"
},
{
"category": "external",
"summary": "SUSE Bug 1223800 for CVE-2024-27005",
"url": "https://bugzilla.suse.com/1223800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-27005"
},
{
"cve": "CVE-2024-42103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix adding block group to a reclaim list and the unused list during reclaim\n\nThere is a potential parallel list adding for retrying in\nbtrfs_reclaim_bgs_work and adding to the unused list. Since the block\ngroup is removed from the reclaim list and it is on a relocation work,\nit can be added into the unused list in parallel. When that happens,\nadding it to the reclaim list will corrupt the list head and trigger\nlist corruption like below.\n\nFix it by taking fs_info-\u003eunused_bgs_lock.\n\n [177.504][T2585409] BTRFS error (device nullb1): error relocating ch= unk 2415919104\n [177.514][T2585409] list_del corruption. next-\u003eprev should be ff1100= 0344b119c0, but was ff11000377e87c70. (next=3Dff110002390cd9c0)\n [177.529][T2585409] ------------[ cut here ]------------\n [177.537][T2585409] kernel BUG at lib/list_debug.c:65!\n [177.545][T2585409] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [177.555][T2585409] CPU: 9 PID: 2585409 Comm: kworker/u128:2 Tainted: G W 6.10.0-rc5-kts #1\n [177.568][T2585409] Hardware name: Supermicro SYS-520P-WTR/X12SPW-TF, BIOS 1.2 02/14/2022\n [177.579][T2585409] Workqueue: events_unbound btrfs_reclaim_bgs_work[btrfs]\n [177.589][T2585409] RIP: 0010:__list_del_entry_valid_or_report.cold+0x70/0x72\n [177.624][T2585409] RSP: 0018:ff11000377e87a70 EFLAGS: 00010286\n [177.633][T2585409] RAX: 000000000000006d RBX: ff11000344b119c0 RCX:0000000000000000\n [177.644][T2585409] RDX: 000000000000006d RSI: 0000000000000008 RDI:ffe21c006efd0f40\n [177.655][T2585409] RBP: ff110002e0509f78 R08: 0000000000000001 R09:ffe21c006efd0f08\n [177.665][T2585409] R10: ff11000377e87847 R11: 0000000000000000 R12:ff110002390cd9c0\n [177.676][T2585409] R13: ff11000344b119c0 R14: ff110002e0508000 R15:dffffc0000000000\n [177.687][T2585409] FS: 0000000000000000(0000) GS:ff11000fec880000(0000) knlGS:0000000000000000\n [177.700][T2585409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [177.709][T2585409] CR2: 00007f06bc7b1978 CR3: 0000001021e86005 CR4:0000000000771ef0\n [177.720][T2585409] DR0: 0000000000000000 DR1: 0000000000000000 DR2:0000000000000000\n [177.731][T2585409] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:0000000000000400\n [177.742][T2585409] PKRU: 55555554\n [177.748][T2585409] Call Trace:\n [177.753][T2585409] \u003cTASK\u003e\n [177.759][T2585409] ? __die_body.cold+0x19/0x27\n [177.766][T2585409] ? die+0x2e/0x50\n [177.772][T2585409] ? do_trap+0x1ea/0x2d0\n [177.779][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.788][T2585409] ? do_error_trap+0xa3/0x160\n [177.795][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.805][T2585409] ? handle_invalid_op+0x2c/0x40\n [177.812][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.820][T2585409] ? exc_invalid_op+0x2d/0x40\n [177.827][T2585409] ? asm_exc_invalid_op+0x1a/0x20\n [177.834][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.843][T2585409] btrfs_delete_unused_bgs+0x3d9/0x14c0 [btrfs]\n\nThere is a similar retry_list code in btrfs_delete_unused_bgs(), but it is\nsafe, AFAICS. Since the block group was in the unused list, the used bytes\nshould be 0 when it was added to the unused list. Then, it checks\nblock_group-\u003e{used,reserved,pinned} are still 0 under the\nblock_group-\u003elock. So, they should be still eligible for the unused list,\nnot the reclaim list.\n\nThe reason it is safe there it\u0027s because because we\u0027re holding\nspace_info-\u003egroups_sem in write mode.\n\nThat means no other task can allocate from the block group, so while we\nare at deleted_unused_bgs() it\u0027s not possible for other tasks to\nallocate and deallocate extents from the block group, so it can\u0027t be\nadded to the unused list or the reclaim list by anyone else.\n\nThe bug can be reproduced by btrfs/166 after a few rounds. In practice\nthis can be hit when relocation cannot find more chunk space and ends\nwith ENOSPC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42103",
"url": "https://www.suse.com/security/cve/CVE-2024-42103"
},
{
"category": "external",
"summary": "SUSE Bug 1228490 for CVE-2024-42103",
"url": "https://bugzilla.suse.com/1228490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-42103"
},
{
"cve": "CVE-2024-53070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: fix fault at system suspend if device was already runtime suspended\n\nIf the device was already runtime suspended then during system suspend\nwe cannot access the device registers else it will crash.\n\nAlso we cannot access any registers after dwc3_core_exit() on some\nplatforms so move the dwc3_enable_susphy() call to the top.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53070",
"url": "https://www.suse.com/security/cve/CVE-2024-53070"
},
{
"category": "external",
"summary": "SUSE Bug 1233563 for CVE-2024-53070",
"url": "https://bugzilla.suse.com/1233563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-53070"
},
{
"cve": "CVE-2024-53149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: glink: fix off-by-one in connector_status\n\nUCSI connector\u0027s indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS.\nCorrect the condition in the pmic_glink_ucsi_connector_status()\ncallback, fixing Type-C orientation reporting for the third USB-C\nconnector.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53149",
"url": "https://www.suse.com/security/cve/CVE-2024-53149"
},
{
"category": "external",
"summary": "SUSE Bug 1234842 for CVE-2024-53149",
"url": "https://bugzilla.suse.com/1234842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "low"
}
],
"title": "CVE-2024-53149"
},
{
"cve": "CVE-2024-56721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Terminate the erratum_1386_microcode array\n\nThe erratum_1386_microcode array requires an empty entry at the end.\nOtherwise x86_match_cpu_with_stepping() will continue iterate the array after\nit ended.\n\nAdd an empty entry to erratum_1386_microcode to its end.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56721",
"url": "https://www.suse.com/security/cve/CVE-2024-56721"
},
{
"category": "external",
"summary": "SUSE Bug 1235566 for CVE-2024-56721",
"url": "https://bugzilla.suse.com/1235566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56721"
},
{
"cve": "CVE-2025-22047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22047"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix __apply_microcode_amd()\u0027s return value\n\nWhen verify_sha256_digest() fails, __apply_microcode_amd() should propagate\nthe failure by returning false (and not -1 which is promoted to true).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22047",
"url": "https://www.suse.com/security/cve/CVE-2025-22047"
},
{
"category": "external",
"summary": "SUSE Bug 1241437 for CVE-2025-22047",
"url": "https://bugzilla.suse.com/1241437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-22047"
},
{
"cve": "CVE-2025-37744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix memory leak in ath12k_pci_remove()\n\nKmemleak reported this error:\n\n unreferenced object 0xffff1c165cec3060 (size 32):\n comm \"insmod\", pid 560, jiffies 4296964570 (age 235.596s)\n backtrace:\n [\u003c000000005434db68\u003e] __kmem_cache_alloc_node+0x1f4/0x2c0\n [\u003c000000001203b155\u003e] kmalloc_trace+0x40/0x88\n [\u003c0000000028adc9c8\u003e] _request_firmware+0xb8/0x608\n [\u003c00000000cad1aef7\u003e] firmware_request_nowarn+0x50/0x80\n [\u003c000000005011a682\u003e] local_pci_probe+0x48/0xd0\n [\u003c00000000077cd295\u003e] pci_device_probe+0xb4/0x200\n [\u003c0000000087184c94\u003e] really_probe+0x150/0x2c0\n\nThe firmware memory was allocated in ath12k_pci_probe(), but not\nfreed in ath12k_pci_remove() in case ATH12K_FLAG_QMI_FAIL bit is\nset. So call ath12k_fw_unmap() to free the memory.\n\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.2.0-02280-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37744",
"url": "https://www.suse.com/security/cve/CVE-2025-37744"
},
{
"category": "external",
"summary": "SUSE Bug 1243662 for CVE-2025-37744",
"url": "https://bugzilla.suse.com/1243662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-37744"
},
{
"cve": "CVE-2025-37751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu: Avoid running off the end of an AMD erratum table\n\nThe NULL array terminator at the end of erratum_1386_microcode was\nremoved during the switch from x86_cpu_desc to x86_cpu_id. This\ncauses readers to run off the end of the array.\n\nReplace the NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37751",
"url": "https://www.suse.com/security/cve/CVE-2025-37751"
},
{
"category": "external",
"summary": "SUSE Bug 1242505 for CVE-2025-37751",
"url": "https://bugzilla.suse.com/1242505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-37751"
},
{
"cve": "CVE-2025-37813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix invalid pointer dereference in Etron workaround\n\nThis check is performed before prepare_transfer() and prepare_ring(), so\nenqueue can already point at the final link TRB of a segment. And indeed\nit will, some 0.4% of times this code is called.\n\nThen enqueue + 1 is an invalid pointer. It will crash the kernel right\naway or load some junk which may look like a link TRB and cause the real\nlink TRB to be replaced with a NOOP. This wouldn\u0027t end well.\n\nUse a functionally equivalent test which doesn\u0027t dereference the pointer\nand always gives correct result.\n\nSomething has crashed my machine twice in recent days while playing with\nan Etron HC, and a control transfer stress test ran for confirmation has\njust crashed it again. The same test passes with this patch applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37813",
"url": "https://www.suse.com/security/cve/CVE-2025-37813"
},
{
"category": "external",
"summary": "SUSE Bug 1242909 for CVE-2025-37813",
"url": "https://bugzilla.suse.com/1242909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-37813"
},
{
"cve": "CVE-2025-38209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: remove tag set when second admin queue config fails\n\nCommit 104d0e2f6222 (\"nvme-fabrics: reset admin connection for secure\nconcatenation\") modified nvme_tcp_setup_ctrl() to call\nnvme_tcp_configure_admin_queue() twice. The first call prepares for\nDH-CHAP negotitation, and the second call is required for secure\nconcatenation. However, this change triggered BUG KASAN slab-use-after-\nfree in blk_mq_queue_tag_busy_iter(). This BUG can be recreated by\nrepeating the blktests test case nvme/063 a few times [1].\n\nWhen the BUG happens, nvme_tcp_create_ctrl() fails in the call chain\nbelow:\n\nnvme_tcp_create_ctrl()\n nvme_tcp_alloc_ctrl() new=true ... Alloc nvme_tcp_ctrl and admin_tag_set\n nvme_tcp_setup_ctrl() new=true\n nvme_tcp_configure_admin_queue() new=true ... Succeed\n nvme_alloc_admin_tag_set() ... Alloc the tag set for admin_tag_set\n nvme_stop_keep_alive()\n nvme_tcp_teardown_admin_queue() remove=false\n nvme_tcp_configure_admin_queue() new=false\n nvme_tcp_alloc_admin_queue() ... Fail, but do not call nvme_remove_admin_tag_set()\n nvme_uninit_ctrl()\n nvme_put_ctrl() ... Free up the nvme_tcp_ctrl and admin_tag_set\n\nThe first call of nvme_tcp_configure_admin_queue() succeeds with\nnew=true argument. The second call fails with new=false argument. This\nsecond call does not call nvme_remove_admin_tag_set() on failure, due to\nthe new=false argument. Then the admin tag set is not removed. However,\nnvme_tcp_create_ctrl() assumes that nvme_tcp_setup_ctrl() would call\nnvme_remove_admin_tag_set(). Then it frees up struct nvme_tcp_ctrl which\nhas admin_tag_set field. Later on, the timeout handler accesses the\nadmin_tag_set field and causes the BUG KASAN slab-use-after-free.\n\nTo not leave the admin tag set, call nvme_remove_admin_tag_set() when\nthe second nvme_tcp_configure_admin_queue() call fails. Do not return\nfrom nvme_tcp_setup_ctrl() on failure. Instead, jump to \"destroy_admin\"\ngo-to label to call nvme_tcp_teardown_admin_queue() which calls\nnvme_remove_admin_tag_set().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38209",
"url": "https://www.suse.com/security/cve/CVE-2025-38209"
},
{
"category": "external",
"summary": "SUSE Bug 1246022 for CVE-2025-38209",
"url": "https://bugzilla.suse.com/1246022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-38209"
},
{
"cve": "CVE-2025-38243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38243"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid inode pointer dereferences during log replay\n\nIn a few places where we call read_one_inode(), if we get a NULL pointer\nwe end up jumping into an error path, or fallthrough in case of\n__add_inode_ref(), where we then do something like this:\n\n iput(\u0026inode-\u003evfs_inode);\n\nwhich results in an invalid inode pointer that triggers an invalid memory\naccess, resulting in a crash.\n\nFix this by making sure we don\u0027t do such dereferences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38243",
"url": "https://www.suse.com/security/cve/CVE-2025-38243"
},
{
"category": "external",
"summary": "SUSE Bug 1246184 for CVE-2025-38243",
"url": "https://bugzilla.suse.com/1246184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-38243"
},
{
"cve": "CVE-2025-38322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38322"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Fix crash in icl_update_topdown_event()\n\nThe perf_fuzzer found a hard-lockup crash on a RaptorLake machine:\n\n Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000\n CPU: 23 UID: 0 PID: 0 Comm: swapper/23\n Tainted: [W]=WARN\n Hardware name: Dell Inc. Precision 9660/0VJ762\n RIP: 0010:native_read_pmc+0x7/0x40\n Code: cc e8 8d a9 01 00 48 89 03 5b cd cc cc cc cc 0f 1f ...\n RSP: 000:fffb03100273de8 EFLAGS: 00010046\n ....\n Call Trace:\n \u003cTASK\u003e\n icl_update_topdown_event+0x165/0x190\n ? ktime_get+0x38/0xd0\n intel_pmu_read_event+0xf9/0x210\n __perf_event_read+0xf9/0x210\n\nCPUs 16-23 are E-core CPUs that don\u0027t support the perf metrics feature.\nThe icl_update_topdown_event() should not be invoked on these CPUs.\n\nIt\u0027s a regression of commit:\n\n f9bdf1f95339 (\"perf/x86/intel: Avoid disable PMU if !cpuc-\u003eenabled in sample read\")\n\nThe bug introduced by that commit is that the is_topdown_event() function\nis mistakenly used to replace the is_topdown_count() call to check if the\ntopdown functions for the perf metrics feature should be invoked.\n\nFix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38322",
"url": "https://www.suse.com/security/cve/CVE-2025-38322"
},
{
"category": "external",
"summary": "SUSE Bug 1246447 for CVE-2025-38322",
"url": "https://bugzilla.suse.com/1246447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-38322"
},
{
"cve": "CVE-2025-38379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix warning when reconnecting channel\n\nWhen reconnecting a channel in smb2_reconnect_server(), a dummy tcon\nis passed down to smb2_reconnect() with -\u003equery_interface\nuninitialized, so we can\u0027t call queue_delayed_work() on it.\n\nFix the following warning by ensuring that we\u0027re queueing the delayed\nworker from correct tcon.\n\nWARNING: CPU: 4 PID: 1126 at kernel/workqueue.c:2498 __queue_delayed_work+0x1d2/0x200\nModules linked in: cifs cifs_arc4 nls_ucs2_utils cifs_md4 [last unloaded: cifs]\nCPU: 4 UID: 0 PID: 1126 Comm: kworker/4:0 Not tainted 6.16.0-rc3 #5 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-4.fc42 04/01/2014\nWorkqueue: cifsiod smb2_reconnect_server [cifs]\nRIP: 0010:__queue_delayed_work+0x1d2/0x200\nCode: 41 5e 41 5f e9 7f ee ff ff 90 0f 0b 90 e9 5d ff ff ff bf 02 00\n00 00 e8 6c f3 07 00 89 c3 eb bd 90 0f 0b 90 e9 57 f\u003e 0b 90 e9 65 fe\nff ff 90 0f 0b 90 e9 72 fe ff ff 90 0f 0b 90 e9\nRSP: 0018:ffffc900014afad8 EFLAGS: 00010003\nRAX: 0000000000000000 RBX: ffff888124d99988 RCX: ffffffff81399cc1\nRDX: dffffc0000000000 RSI: ffff888114326e00 RDI: ffff888124d999f0\nRBP: 000000000000ea60 R08: 0000000000000001 R09: ffffed10249b3331\nR10: ffff888124d9998f R11: 0000000000000004 R12: 0000000000000040\nR13: ffff888114326e00 R14: ffff888124d999d8 R15: ffff888114939020\nFS: 0000000000000000(0000) GS:ffff88829f7fe000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe7a2b4038 CR3: 0000000120a6f000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n queue_delayed_work_on+0xb4/0xc0\n smb2_reconnect+0xb22/0xf50 [cifs]\n smb2_reconnect_server+0x413/0xd40 [cifs]\n ? __pfx_smb2_reconnect_server+0x10/0x10 [cifs]\n ? local_clock_noinstr+0xd/0xd0\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n process_one_work+0x4c5/0xa10\n ? __pfx_process_one_work+0x10/0x10\n ? __list_add_valid_or_report+0x37/0x120\n worker_thread+0x2f1/0x5a0\n ? __kthread_parkme+0xde/0x100\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x1f0\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x15b/0x1f0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nirq event stamp: 1116206\nhardirqs last enabled at (1116205): [\u003cffffffff8143af42\u003e] __up_console_sem+0x52/0x60\nhardirqs last disabled at (1116206): [\u003cffffffff81399f0e\u003e] queue_delayed_work_on+0x6e/0xc0\nsoftirqs last enabled at (1116138): [\u003cffffffffc04562fd\u003e] __smb_send_rqst+0x42d/0x950 [cifs]\nsoftirqs last disabled at (1116136): [\u003cffffffff823d35e1\u003e] release_sock+0x21/0xf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38379",
"url": "https://www.suse.com/security/cve/CVE-2025-38379"
},
{
"category": "external",
"summary": "SUSE Bug 1247030 for CVE-2025-38379",
"url": "https://bugzilla.suse.com/1247030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-38379"
},
{
"cve": "CVE-2025-38539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Add down_write(trace_event_sem) when adding trace event\n\nWhen a module is loaded, it adds trace events defined by the module. It\nmay also need to modify the modules trace printk formats to replace enum\nnames with their values.\n\nIf two modules are loaded at the same time, the adding of the event to the\nftrace_events list can corrupt the walking of the list in the code that is\nmodifying the printk format strings and crash the kernel.\n\nThe addition of the event should take the trace_event_sem for write while\nit adds the new event.\n\nAlso add a lockdep_assert_held() on that semaphore in\n__trace_add_event_dirs() as it iterates the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38539",
"url": "https://www.suse.com/security/cve/CVE-2025-38539"
},
{
"category": "external",
"summary": "SUSE Bug 1248211 for CVE-2025-38539",
"url": "https://bugzilla.suse.com/1248211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-38539"
},
{
"cve": "CVE-2025-39689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Also allocate and copy hash for reading of filter files\n\nCurrently the reader of set_ftrace_filter and set_ftrace_notrace just adds\nthe pointer to the global tracer hash to its iterator. Unlike the writer\nthat allocates a copy of the hash, the reader keeps the pointer to the\nfilter hashes. This is problematic because this pointer is static across\nfunction calls that release the locks that can update the global tracer\nhashes. This can cause UAF and similar bugs.\n\nAllocate and copy the hash for reading the filter files like it is done\nfor the writers. This not only fixes UAF bugs, but also makes the code a\nbit simpler as it doesn\u0027t have to differentiate when to free the\niterator\u0027s hash between writers and readers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39689",
"url": "https://www.suse.com/security/cve/CVE-2025-39689"
},
{
"category": "external",
"summary": "SUSE Bug 1249307 for CVE-2025-39689",
"url": "https://bugzilla.suse.com/1249307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-39689"
},
{
"cve": "CVE-2025-39813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix potential warning in trace_printk_seq during ftrace_dump\n\nWhen calling ftrace_dump_one() concurrently with reading trace_pipe,\na WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race\ncondition.\n\nThe issue occurs because:\n\nCPU0 (ftrace_dump) CPU1 (reader)\necho z \u003e /proc/sysrq-trigger\n\n!trace_empty(\u0026iter)\ntrace_iterator_reset(\u0026iter) \u003c- len = size = 0\n cat /sys/kernel/tracing/trace_pipe\ntrace_find_next_entry_inc(\u0026iter)\n __find_next_entry\n ring_buffer_empty_cpu \u003c- all empty\n return NULL\n\ntrace_printk_seq(\u0026iter.seq)\n WARN_ON_ONCE(s-\u003eseq.len \u003e= s-\u003eseq.size)\n\nIn the context between trace_empty() and trace_find_next_entry_inc()\nduring ftrace_dump, the ring buffer data was consumed by other readers.\nThis caused trace_find_next_entry_inc to return NULL, failing to populate\n`iter.seq`. At this point, due to the prior trace_iterator_reset, both\n`iter.seq.len` and `iter.seq.size` were set to 0. Since they are equal,\nthe WARN_ON_ONCE condition is triggered.\n\nMove the trace_printk_seq() into the if block that checks to make sure the\nreturn value of trace_find_next_entry_inc() is non-NULL in\nftrace_dump_one(), ensuring the \u0027iter.seq\u0027 is properly populated before\nsubsequent operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39813",
"url": "https://www.suse.com/security/cve/CVE-2025-39813"
},
{
"category": "external",
"summary": "SUSE Bug 1250032 for CVE-2025-39813",
"url": "https://bugzilla.suse.com/1250032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-39813"
},
{
"cve": "CVE-2025-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntrace/fgraph: Fix the warning caused by missing unregister notifier\n\nThis warning was triggered during testing on v6.16:\n\nnotifier callback ftrace_suspend_notifier_call already registered\nWARNING: CPU: 2 PID: 86 at kernel/notifier.c:23 notifier_chain_register+0x44/0xb0\n...\nCall Trace:\n \u003cTASK\u003e\n blocking_notifier_chain_register+0x34/0x60\n register_ftrace_graph+0x330/0x410\n ftrace_profile_write+0x1e9/0x340\n vfs_write+0xf8/0x420\n ? filp_flush+0x8a/0xa0\n ? filp_close+0x1f/0x30\n ? do_dup2+0xaf/0x160\n ksys_write+0x65/0xe0\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nWhen writing to the function_profile_enabled interface, the notifier was\nnot unregistered after start_graph_tracing failed, causing a warning the\nnext time function_profile_enabled was written.\n\nFixed by adding unregister_pm_notifier in the exception path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39829",
"url": "https://www.suse.com/security/cve/CVE-2025-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1250082 for CVE-2025-39829",
"url": "https://bugzilla.suse.com/1250082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-39829"
},
{
"cve": "CVE-2025-39836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: stmm: Fix incorrect buffer allocation method\n\nThe communication buffer allocated by setup_mm_hdr() is later on passed\nto tee_shm_register_kernel_buf(). The latter expects those buffers to be\ncontiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause\nvarious corruptions or BUGs, specifically since commit 9aec2fb0fd5e\n(\"slab: allocate frozen pages\"), though it was broken before as well.\n\nFix this by using alloc_pages_exact() instead of kmalloc().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39836",
"url": "https://www.suse.com/security/cve/CVE-2025-39836"
},
{
"category": "external",
"summary": "SUSE Bug 1249904 for CVE-2025-39836",
"url": "https://bugzilla.suse.com/1249904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-39836"
},
{
"cve": "CVE-2025-39880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: fix invalid accesses to ceph_connection_v1_info\n\nThere is a place where generic code in messenger.c is reading and\nanother place where it is writing to con-\u003ev1 union member without\nchecking that the union member is active (i.e. msgr1 is in use).\n\nOn 64-bit systems, con-\u003ev1.auth_retry overlaps with con-\u003ev2.out_iter,\nso such a read is almost guaranteed to return a bogus value instead of\n0 when msgr2 is in use. This ends up being fairly benign because the\nside effect is just the invalidation of the authorizer and successive\nfetching of new tickets.\n\ncon-\u003ev1.connect_seq overlaps with con-\u003ev2.conn_bufs and the fact that\nit\u0027s being written to can cause more serious consequences, but luckily\nit\u0027s not something that happens often.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39880",
"url": "https://www.suse.com/security/cve/CVE-2025-39880"
},
{
"category": "external",
"summary": "SUSE Bug 1250388 for CVE-2025-39880",
"url": "https://bugzilla.suse.com/1250388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-39880"
},
{
"cve": "CVE-2025-39913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-\u003ecork.\n\nsyzbot reported the splat below. [0]\n\nThe repro does the following:\n\n 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(msg, cork_bytes)\n 2. Attach the prog to a SOCKMAP\n 3. Add a socket to the SOCKMAP\n 4. Activate fault injection\n 5. Send data less than cork_bytes\n\nAt 5., the data is carried over to the next sendmsg() as it is\nsmaller than the cork_bytes specified by bpf_msg_cork_bytes().\n\nThen, tcp_bpf_send_verdict() tries to allocate psock-\u003ecork to hold\nthe data, but this fails silently due to fault injection + __GFP_NOWARN.\n\nIf the allocation fails, we need to revert the sk-\u003esk_forward_alloc\nchange done by sk_msg_alloc().\n\nLet\u0027s call sk_msg_free() when tcp_bpf_send_verdict fails to allocate\npsock-\u003ecork.\n\nThe \"*copied\" also needs to be updated such that a proper error can\nbe returned to the caller, sendmsg. It fails to allocate psock-\u003ecork.\nNothing has been corked so far, so this patch simply sets \"*copied\"\nto 0.\n\n[0]:\nWARNING: net/ipv4/af_inet.c:156 at inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156, CPU#1: syz-executor/5983\nModules linked in:\nCPU: 1 UID: 0 PID: 5983 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156\nCode: 0f 0b 90 e9 62 fe ff ff e8 7a db b5 f7 90 0f 0b 90 e9 95 fe ff ff e8 6c db b5 f7 90 0f 0b 90 e9 bb fe ff ff e8 5e db b5 f7 90 \u003c0f\u003e 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc\nRSP: 0018:ffffc90000a08b48 EFLAGS: 00010246\nRAX: ffffffff8a09d0b2 RBX: dffffc0000000000 RCX: ffff888024a23c80\nRDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000\nRBP: 0000000000000fff R08: ffff88807e07c627 R09: 1ffff1100fc0f8c4\nR10: dffffc0000000000 R11: ffffed100fc0f8c5 R12: ffff88807e07c380\nR13: dffffc0000000000 R14: ffff88807e07c60c R15: 1ffff1100fc0f872\nFS: 00005555604c4500(0000) GS:ffff888125af1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555604df5c8 CR3: 0000000032b06000 CR4: 00000000003526f0\nCall Trace:\n \u003cIRQ\u003e\n __sk_destruct+0x86/0x660 net/core/sock.c:2339\n rcu_do_batch kernel/rcu/tree.c:2605 [inline]\n rcu_core+0xca8/0x1770 kernel/rcu/tree.c:2861\n handle_softirqs+0x286/0x870 kernel/softirq.c:579\n __do_softirq kernel/softirq.c:613 [inline]\n invoke_softirq kernel/softirq.c:453 [inline]\n __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:696\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1052\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39913",
"url": "https://www.suse.com/security/cve/CVE-2025-39913"
},
{
"category": "external",
"summary": "SUSE Bug 1250705 for CVE-2025-39913",
"url": "https://bugzilla.suse.com/1250705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-39913"
},
{
"cve": "CVE-2025-40097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix missing pointer check in hda_component_manager_init function\n\nThe __component_match_add function may assign the \u0027matchptr\u0027 pointer\nthe value ERR_PTR(-ENOMEM), which will subsequently be dereferenced.\n\nThe call stack leading to the error looks like this:\n\nhda_component_manager_init\n|-\u003e component_match_add\n |-\u003e component_match_add_release\n |-\u003e __component_match_add ( ... ,**matchptr, ... )\n |-\u003e *matchptr = ERR_PTR(-ENOMEM); // assign\n|-\u003e component_master_add_with_match( ... match)\n |-\u003e component_match_realloc(match, match-\u003enum); // dereference\n\nAdd IS_ERR() check to prevent the crash.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40097",
"url": "https://www.suse.com/security/cve/CVE-2025-40097"
},
{
"category": "external",
"summary": "SUSE Bug 1252900 for CVE-2025-40097",
"url": "https://bugzilla.suse.com/1252900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40097"
},
{
"cve": "CVE-2025-40106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: fix divide-by-zero in comedi_buf_munge()\n\nThe comedi_buf_munge() function performs a modulo operation\n`async-\u003emunge_chan %= async-\u003ecmd.chanlist_len` without first\nchecking if chanlist_len is zero. If a user program submits a command with\nchanlist_len set to zero, this causes a divide-by-zero error when the device\nprocesses data in the interrupt handler path.\n\nAdd a check for zero chanlist_len at the beginning of the\nfunction, similar to the existing checks for !map and\nCMDF_RAWDATA flag. When chanlist_len is zero, update\nmunge_count and return early, indicating the data was\nhandled without munging.\n\nThis prevents potential kernel panics from malformed user commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40106",
"url": "https://www.suse.com/security/cve/CVE-2025-40106"
},
{
"category": "external",
"summary": "SUSE Bug 1252891 for CVE-2025-40106",
"url": "https://bugzilla.suse.com/1252891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40106"
},
{
"cve": "CVE-2025-40132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40132"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback\n\nIn create_sdw_dailink() check that sof_end-\u003ecodec_info-\u003eadd_sidecar\nis not NULL before calling it.\n\nThe original code assumed that if include_sidecar is true, the codec\non that link has an add_sidecar callback. But there could be other\ncodecs on the same link that do not have an add_sidecar callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40132",
"url": "https://www.suse.com/security/cve/CVE-2025-40132"
},
{
"category": "external",
"summary": "SUSE Bug 1253330 for CVE-2025-40132",
"url": "https://bugzilla.suse.com/1253330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40132"
},
{
"cve": "CVE-2025-40136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - request reserved interrupt for virtual function\n\nThe device interrupt vector 3 is an error interrupt for\nphysical function and a reserved interrupt for virtual function.\nHowever, the driver has not registered the reserved interrupt for\nvirtual function. When allocating interrupts, the number of interrupts\nis allocated based on powers of two, which includes this interrupt.\nWhen the system enables GICv4 and the virtual function passthrough\nto the virtual machine, releasing the interrupt in the driver\ntriggers a warning.\n\nThe WARNING report is:\nWARNING: CPU: 62 PID: 14889 at arch/arm64/kvm/vgic/vgic-its.c:852 its_free_ite+0x94/0xb4\n\nTherefore, register a reserved interrupt for VF and set the\nIRQF_NO_AUTOEN flag to avoid that warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40136",
"url": "https://www.suse.com/security/cve/CVE-2025-40136"
},
{
"category": "external",
"summary": "SUSE Bug 1253340 for CVE-2025-40136",
"url": "https://bugzilla.suse.com/1253340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40136"
},
{
"cve": "CVE-2025-40142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT\n\nsnd_pcm_group_lock_irq() acquires a spinlock_t and disables interrupts\nvia spin_lock_irq(). This also implicitly disables the handling of\nsoftirqs such as TIMER_SOFTIRQ.\nOn PREEMPT_RT softirqs are preemptible and spin_lock_irq() does not\ndisable them. That means a timer can be invoked during spin_lock_irq()\non the same CPU. Due to synchronisations reasons local_bh_disable() has\na per-CPU lock named softirq_ctrl.lock which synchronizes individual\nsoftirq against each other.\nsyz-bot managed to trigger a lockdep report where softirq_ctrl.lock is\nacquired in hrtimer_cancel() in addition to hrtimer_run_softirq(). This\nis a possible deadlock.\n\nThe softirq_ctrl.lock can not be made part of spin_lock_irq() as this\nwould lead to too much synchronisation against individual threads on the\nsystem. To avoid the possible deadlock, softirqs must be manually\ndisabled before the lock is acquired.\n\nDisable softirqs before the lock is acquired on PREEMPT_RT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40142",
"url": "https://www.suse.com/security/cve/CVE-2025-40142"
},
{
"category": "external",
"summary": "SUSE Bug 1253348 for CVE-2025-40142",
"url": "https://bugzilla.suse.com/1253348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40142"
},
{
"cve": "CVE-2025-40166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40166"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/guc: Check GuC running state before deregistering exec queue\n\nIn normal operation, a registered exec queue is disabled and\nderegistered through the GuC, and freed only after the GuC confirms\ncompletion. However, if the driver is forced to unbind while the exec\nqueue is still running, the user may call exec_destroy() after the GuC\nhas already been stopped and CT communication disabled.\n\nIn this case, the driver cannot receive a response from the GuC,\npreventing proper cleanup of exec queue resources. Fix this by directly\nreleasing the resources when GuC is not running.\n\nHere is the failure dmesg log:\n\"\n[ 468.089581] ---[ end trace 0000000000000000 ]---\n[ 468.089608] pci 0000:03:00.0: [drm] *ERROR* GT0: GUC ID manager unclean (1/65535)\n[ 468.090558] pci 0000:03:00.0: [drm] GT0: total 65535\n[ 468.090562] pci 0000:03:00.0: [drm] GT0: used 1\n[ 468.090564] pci 0000:03:00.0: [drm] GT0: range 1..1 (1)\n[ 468.092716] ------------[ cut here ]------------\n[ 468.092719] WARNING: CPU: 14 PID: 4775 at drivers/gpu/drm/xe/xe_ttm_vram_mgr.c:298 ttm_vram_mgr_fini+0xf8/0x130 [xe]\n\"\n\nv2: use xe_uc_fw_is_running() instead of xe_guc_ct_enabled().\n As CT may go down and come back during VF migration.\n\n(cherry picked from commit 9b42321a02c50a12b2beb6ae9469606257fbecea)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40166",
"url": "https://www.suse.com/security/cve/CVE-2025-40166"
},
{
"category": "external",
"summary": "SUSE Bug 1253433 for CVE-2025-40166",
"url": "https://bugzilla.suse.com/1253433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40166"
},
{
"cve": "CVE-2025-40177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix bootlog initialization ordering\n\nAs soon as we queue MHI buffers to receive the bootlog from the device,\nwe could be receiving data. Therefore all the resources needed to\nprocess that data need to be setup prior to queuing the buffers.\n\nWe currently initialize some of the resources after queuing the buffers\nwhich creates a race between the probe() and any data that comes back\nfrom the device. If the uninitialized resources are accessed, we could\nsee page faults.\n\nFix the init ordering to close the race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40177",
"url": "https://www.suse.com/security/cve/CVE-2025-40177"
},
{
"category": "external",
"summary": "SUSE Bug 1253443 for CVE-2025-40177",
"url": "https://bugzilla.suse.com/1253443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40177"
},
{
"cve": "CVE-2025-40181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP\n\nWhen running as an SNP or TDX guest under KVM, force the legacy PCI hole,\ni.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC\nvia a forced variable MTRR range.\n\nIn most KVM-based setups, legacy devices such as the HPET and TPM are\nenumerated via ACPI. ACPI enumeration includes a Memory32Fixed entry, and\noptionally a SystemMemory descriptor for an OperationRegion, e.g. if the\ndevice needs to be accessed via a Control Method.\n\nIf a SystemMemory entry is present, then the kernel\u0027s ACPI driver will\nauto-ioremap the region so that it can be accessed at will. However, the\nACPI spec doesn\u0027t provide a way to enumerate the memory type of\nSystemMemory regions, i.e. there\u0027s no way to tell software that a region\nmust be mapped as UC vs. WB, etc. As a result, Linux\u0027s ACPI driver always\nmaps SystemMemory regions using ioremap_cache(), i.e. as WB on x86.\n\nThe dedicated device drivers however, e.g. the HPET driver and TPM driver,\nwant to map their associated memory as UC or WC, as accessing PCI devices\nusing WB is unsupported.\n\nOn bare metal and non-CoCO, the conflicting requirements \"work\" as firmware\nconfigures the PCI hole (and other device memory) to be UC in the MTRRs.\nSo even though the ACPI mappings request WB, they are forced to UC- in the\nkernel\u0027s tracking due to the kernel properly handling the MTRR overrides,\nand thus are compatible with the drivers\u0027 requested WC/UC-.\n\nWith force WB MTRRs on SNP and TDX guests, the ACPI mappings get their\nrequested WB if the ACPI mappings are established before the dedicated\ndriver code attempts to initialize the device. E.g. if acpi_init()\nruns before the corresponding device driver is probed, ACPI\u0027s WB mapping\nwill \"win\", and result in the driver\u0027s ioremap() failing because the\nexisting WB mapping isn\u0027t compatible with the requested WC/UC-.\n\nE.g. when a TPM is emulated by the hypervisor (ignoring the security\nimplications of relying on what is allegedly an untrusted entity to store\nmeasurements), the TPM driver will request UC and fail:\n\n [ 1.730459] ioremap error for 0xfed40000-0xfed45000, requested 0x2, got 0x0\n [ 1.732780] tpm_tis MSFT0101:00: probe with driver tpm_tis failed with error -12\n\nNote, the \u00270x2\u0027 and \u00270x0\u0027 values refer to \"enum page_cache_mode\", not x86\u0027s\nmemtypes (which frustratingly are an almost pure inversion; 2 == WB, 0 == UC).\nE.g. tracing mapping requests for TPM TIS yields:\n\n Mapping TPM TIS with req_type = 0\n WARNING: CPU: 22 PID: 1 at arch/x86/mm/pat/memtype.c:530 memtype_reserve+0x2ab/0x460\n Modules linked in:\n CPU: 22 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W 6.16.0-rc7+ #2 VOLUNTARY\n Tainted: [W]=WARN\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/29/2025\n RIP: 0010:memtype_reserve+0x2ab/0x460\n __ioremap_caller+0x16d/0x3d0\n ioremap_cache+0x17/0x30\n x86_acpi_os_ioremap+0xe/0x20\n acpi_os_map_iomem+0x1f3/0x240\n acpi_os_map_memory+0xe/0x20\n acpi_ex_system_memory_space_handler+0x273/0x440\n acpi_ev_address_space_dispatch+0x176/0x4c0\n acpi_ex_access_region+0x2ad/0x530\n acpi_ex_field_datum_io+0xa2/0x4f0\n acpi_ex_extract_from_field+0x296/0x3e0\n acpi_ex_read_data_from_field+0xd1/0x460\n acpi_ex_resolve_node_to_value+0x2ee/0x530\n acpi_ex_resolve_to_value+0x1f2/0x540\n acpi_ds_evaluate_name_path+0x11b/0x190\n acpi_ds_exec_end_op+0x456/0x960\n acpi_ps_parse_loop+0x27a/0xa50\n acpi_ps_parse_aml+0x226/0x600\n acpi_ps_execute_method+0x172/0x3e0\n acpi_ns_evaluate+0x175/0x5f0\n acpi_evaluate_object+0x213/0x490\n acpi_evaluate_integer+0x6d/0x140\n acpi_bus_get_status+0x93/0x150\n acpi_add_single_object+0x43a/0x7c0\n acpi_bus_check_add+0x149/0x3a0\n acpi_bus_check_add_1+0x16/0x30\n acpi_ns_walk_namespace+0x22c/0x360\n acpi_walk_namespace+0x15c/0x170\n acpi_bus_scan+0x1dd/0x200\n acpi_scan_init+0xe5/0x2b0\n acpi_init+0x264/0x5b0\n do_one_i\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40181",
"url": "https://www.suse.com/security/cve/CVE-2025-40181"
},
{
"category": "external",
"summary": "SUSE Bug 1253471 for CVE-2025-40181",
"url": "https://bugzilla.suse.com/1253471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40181"
},
{
"cve": "CVE-2025-40202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: Rework user message limit handling\n\nThe limit on the number of user messages had a number of issues,\nimproper counting in some cases and a use after free.\n\nRestructure how this is all done to handle more in the receive message\nallocation routine, so all refcouting and user message limit counts\nare done in that routine. It\u0027s a lot cleaner and safer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40202",
"url": "https://www.suse.com/security/cve/CVE-2025-40202"
},
{
"category": "external",
"summary": "SUSE Bug 1253451 for CVE-2025-40202",
"url": "https://bugzilla.suse.com/1253451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40202"
},
{
"cve": "CVE-2025-40238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix IPsec cleanup over MPV device\n\nWhen we do mlx5e_detach_netdev() we eventually disable blocking events\nnotifier, among those events are IPsec MPV events from IB to core.\n\nSo before disabling those blocking events, make sure to also unregister\nthe devcom device and mark all this device operations as complete,\nin order to prevent the other device from using invalid netdev\nduring future devcom events which could cause the trace below.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nPGD 146427067 P4D 146427067 PUD 146488067 PMD 0\nOops: Oops: 0000 [#1] SMP\nCPU: 1 UID: 0 PID: 7735 Comm: devlink Tainted: GW 6.12.0-rc6_for_upstream_min_debug_2024_11_08_00_46 #1\nTainted: [W]=WARN\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:mlx5_devcom_comp_set_ready+0x5/0x40 [mlx5_core]\nCode: 00 01 48 83 05 23 32 1e 00 01 41 b8 ed ff ff ff e9 60 ff ff ff 48 83 05 00 32 1e 00 01 eb e3 66 0f 1f 44 00 00 0f 1f 44 00 00 \u003c48\u003e 8b 47 10 48 83 05 5f 32 1e 00 01 48 8b 50 40 48 85 d2 74 05 40\nRSP: 0018:ffff88811a5c35f8 EFLAGS: 00010206\nRAX: ffff888106e8ab80 RBX: ffff888107d7e200 RCX: ffff88810d6f0a00\nRDX: ffff88810d6f0a00 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffff88811a17e620 R08: 0000000000000040 R09: 0000000000000000\nR10: ffff88811a5c3618 R11: 0000000de85d51bd R12: ffff88811a17e600\nR13: ffff88810d6f0a00 R14: 0000000000000000 R15: ffff8881034bda80\nFS: 00007f27bdf89180(0000) GS:ffff88852c880000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000010 CR3: 000000010f159005 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_devcom_comp_set_ready+0x5/0x40 [mlx5_core]\n mlx5e_devcom_event_mpv+0x42/0x60 [mlx5_core]\n mlx5_devcom_send_event+0x8c/0x170 [mlx5_core]\n blocking_event+0x17b/0x230 [mlx5_core]\n notifier_call_chain+0x35/0xa0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_mp_event_replay+0x12/0x20 [mlx5_core]\n mlx5_ib_bind_slave_port+0x228/0x2c0 [mlx5_ib]\n mlx5_ib_stage_init_init+0x664/0x9d0 [mlx5_ib]\n ? idr_alloc_cyclic+0x50/0xb0\n ? __kmalloc_cache_noprof+0x167/0x340\n ? __kmalloc_noprof+0x1a7/0x430\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe9/0x310 [mlx5_ib]\n ? kernfs_add_one+0x107/0x150\n ? __mlx5_ib_add+0xd0/0xd0 [mlx5_ib]\n auxiliary_bus_probe+0x3e/0x90\n really_probe+0xc5/0x3a0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x62d/0x830\n __auxiliary_device_add+0x3b/0xa0\n ? auxiliary_device_init+0x41/0x90\n add_adev+0xd1/0x150 [mlx5_core]\n mlx5_rescan_drivers_locked+0x21c/0x300 [mlx5_core]\n esw_mode_change+0x6c/0xc0 [mlx5_core]\n mlx5_devlink_eswitch_mode_set+0x21e/0x640 [mlx5_core]\n devlink_nl_eswitch_set_doit+0x60/0xe0\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x180/0x2b0\n ? devlink_get_from_attrs_lock+0x170/0x170\n ? devlink_nl_eswitch_get_doit+0x290/0x290\n ? devlink_nl_pre_doit_port_optional+0x50/0x50\n ? genl_family_rcv_msg_dumpit+0xf0/0xf0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1fc/0x2d0\n netlink_sendmsg+0x1e4/0x410\n __sock_sendmsg+0x38/0x60\n ? sockfd_lookup_light+0x12/0x60\n __sys_sendto+0x105/0x160\n ? __sys_recvmsg+0x4e/0x90\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f27bc91b13a\nCode: bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 8b 05 fa 96 2c 00 45 89 c9 4c 63 d1 48 63 ff 85 c0 75 15 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40238",
"url": "https://www.suse.com/security/cve/CVE-2025-40238"
},
{
"category": "external",
"summary": "SUSE Bug 1254871 for CVE-2025-40238",
"url": "https://bugzilla.suse.com/1254871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40238"
},
{
"cve": "CVE-2025-40254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: remove never-working support for setting nsh fields\n\nThe validation of the set(nsh(...)) action is completely wrong.\nIt runs through the nsh_key_put_from_nlattr() function that is the\nsame function that validates NSH keys for the flow match and the\npush_nsh() action. However, the set(nsh(...)) has a very different\nmemory layout. Nested attributes in there are doubled in size in\ncase of the masked set(). That makes proper validation impossible.\n\nThere is also confusion in the code between the \u0027masked\u0027 flag, that\nsays that the nested attributes are doubled in size containing both\nthe value and the mask, and the \u0027is_mask\u0027 that says that the value\nwe\u0027re parsing is the mask. This is causing kernel crash on trying to\nwrite into mask part of the match with SW_FLOW_KEY_PUT() during\nvalidation, while validate_nsh() doesn\u0027t allocate any memory for it:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 1c2383067 P4D 1c2383067 PUD 20b703067 PMD 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 8 UID: 0 Kdump: loaded Not tainted 6.17.0-rc4+ #107 PREEMPT(voluntary)\n RIP: 0010:nsh_key_put_from_nlattr+0x19d/0x610 [openvswitch]\n Call Trace:\n \u003cTASK\u003e\n validate_nsh+0x60/0x90 [openvswitch]\n validate_set.constprop.0+0x270/0x3c0 [openvswitch]\n __ovs_nla_copy_actions+0x477/0x860 [openvswitch]\n ovs_nla_copy_actions+0x8d/0x100 [openvswitch]\n ovs_packet_cmd_execute+0x1cc/0x310 [openvswitch]\n genl_family_rcv_msg_doit+0xdb/0x130\n genl_family_rcv_msg+0x14b/0x220\n genl_rcv_msg+0x47/0xa0\n netlink_rcv_skb+0x53/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x280/0x3b0\n netlink_sendmsg+0x1f7/0x430\n ____sys_sendmsg+0x36b/0x3a0\n ___sys_sendmsg+0x87/0xd0\n __sys_sendmsg+0x6d/0xd0\n do_syscall_64+0x7b/0x2c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe third issue with this process is that while trying to convert\nthe non-masked set into masked one, validate_set() copies and doubles\nthe size of the OVS_KEY_ATTR_NSH as if it didn\u0027t have any nested\nattributes. It should be copying each nested attribute and doubling\nthem in size independently. And the process must be properly reversed\nduring the conversion back from masked to a non-masked variant during\nthe flow dump.\n\nIn the end, the only two outcomes of trying to use this action are\neither validation failure or a kernel crash. And if somehow someone\nmanages to install a flow with such an action, it will most definitely\nnot do what it is supposed to, since all the keys and the masks are\nmixed up.\n\nFixing all the issues is a complex task as it requires re-writing\nmost of the validation code.\n\nGiven that and the fact that this functionality never worked since\nintroduction, let\u0027s just remove it altogether. It\u0027s better to\nre-introduce it later with a proper implementation instead of trying\nto fix it in stable releases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40254",
"url": "https://www.suse.com/security/cve/CVE-2025-40254"
},
{
"category": "external",
"summary": "SUSE Bug 1254852 for CVE-2025-40254",
"url": "https://bugzilla.suse.com/1254852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40254"
},
{
"cve": "CVE-2025-40257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40257"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix a race in mptcp_pm_del_add_timer()\n\nmptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, \u0026entry-\u003eadd_timer)\nwhile another might have free entry already, as reported by syzbot.\n\nAdd RCU protection to fix this issue.\n\nAlso change confusing add_timer variable with stop_timer boolean.\n\nsyzbot report:\n\nBUG: KASAN: slab-use-after-free in __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616\nRead of size 4 at addr ffff8880311e4150 by task kworker/1:1/44\n\nCPU: 1 UID: 0 PID: 44 Comm: kworker/1:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)}\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025\nWorkqueue: events mptcp_worker\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616\n sk_stop_timer_sync+0x1b/0x90 net/core/sock.c:3631\n mptcp_pm_del_add_timer+0x283/0x310 net/mptcp/pm.c:362\n mptcp_incoming_options+0x1357/0x1f60 net/mptcp/options.c:1174\n tcp_data_queue+0xca/0x6450 net/ipv4/tcp_input.c:5361\n tcp_rcv_established+0x1335/0x2670 net/ipv4/tcp_input.c:6441\n tcp_v4_do_rcv+0x98b/0xbf0 net/ipv4/tcp_ipv4.c:1931\n tcp_v4_rcv+0x252a/0x2dc0 net/ipv4/tcp_ipv4.c:2374\n ip_protocol_deliver_rcu+0x221/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x3bb/0x6f0 net/ipv4/ip_input.c:239\n NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\n NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\n __netif_receive_skb_one_core net/core/dev.c:6079 [inline]\n __netif_receive_skb+0x143/0x380 net/core/dev.c:6192\n process_backlog+0x31e/0x900 net/core/dev.c:6544\n __napi_poll+0xb6/0x540 net/core/dev.c:7594\n napi_poll net/core/dev.c:7657 [inline]\n net_rx_action+0x5f7/0xda0 net/core/dev.c:7784\n handle_softirqs+0x22f/0x710 kernel/softirq.c:622\n __do_softirq kernel/softirq.c:656 [inline]\n __local_bh_enable_ip+0x1a0/0x2e0 kernel/softirq.c:302\n mptcp_pm_send_ack net/mptcp/pm.c:210 [inline]\n mptcp_pm_addr_send_ack+0x41f/0x500 net/mptcp/pm.c:-1\n mptcp_pm_worker+0x174/0x320 net/mptcp/pm.c:1002\n mptcp_worker+0xd5/0x1170 net/mptcp/protocol.c:2762\n process_one_work kernel/workqueue.c:3263 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nAllocated by task 44:\n kasan_save_stack mm/kasan/common.c:56 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:77\n poison_kmalloc_redzone mm/kasan/common.c:400 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:417\n kasan_kmalloc include/linux/kasan.h:262 [inline]\n __kmalloc_cache_noprof+0x1ef/0x6c0 mm/slub.c:5748\n kmalloc_noprof include/linux/slab.h:957 [inline]\n mptcp_pm_alloc_anno_list+0x104/0x460 net/mptcp/pm.c:385\n mptcp_pm_create_subflow_or_signal_addr+0xf9d/0x1360 net/mptcp/pm_kernel.c:355\n mptcp_pm_nl_fully_established net/mptcp/pm_kernel.c:409 [inline]\n __mptcp_pm_kernel_worker+0x417/0x1ef0 net/mptcp/pm_kernel.c:1529\n mptcp_pm_worker+0x1ee/0x320 net/mptcp/pm.c:1008\n mptcp_worker+0xd5/0x1170 net/mptcp/protocol.c:2762\n process_one_work kernel/workqueue.c:3263 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n\nFreed by task 6630:\n kasan_save_stack mm/kasan/common.c:56 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:77\n __kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:587\n kasan_save_free_info mm/kasan/kasan.h:406 [inline]\n poison_slab_object m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40257",
"url": "https://www.suse.com/security/cve/CVE-2025-40257"
},
{
"category": "external",
"summary": "SUSE Bug 1254842 for CVE-2025-40257",
"url": "https://bugzilla.suse.com/1254842"
},
{
"category": "external",
"summary": "SUSE Bug 1257242 for CVE-2025-40257",
"url": "https://bugzilla.suse.com/1257242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-40257"
},
{
"cve": "CVE-2025-40259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Do not sleep in atomic context\n\nsg_finish_rem_req() calls blk_rq_unmap_user(). The latter function may\nsleep. Hence, call sg_finish_rem_req() with interrupts enabled instead\nof disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40259",
"url": "https://www.suse.com/security/cve/CVE-2025-40259"
},
{
"category": "external",
"summary": "SUSE Bug 1254845 for CVE-2025-40259",
"url": "https://bugzilla.suse.com/1254845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40259"
},
{
"cve": "CVE-2025-40261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: nvme-fc: Ensure -\u003eioerr_work is cancelled in nvme_fc_delete_ctrl()\n\nnvme_fc_delete_assocation() waits for pending I/O to complete before\nreturning, and an error can cause -\u003eioerr_work to be queued after\ncancel_work_sync() had been called. Move the call to cancel_work_sync() to\nbe after nvme_fc_delete_association() to ensure -\u003eioerr_work is not running\nwhen the nvme_fc_ctrl object is freed. Otherwise the following can occur:\n\n[ 1135.911754] list_del corruption, ff2d24c8093f31f8-\u003enext is NULL\n[ 1135.917705] ------------[ cut here ]------------\n[ 1135.922336] kernel BUG at lib/list_debug.c:52!\n[ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary)\n[ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025\n[ 1135.950969] Workqueue: 0x0 (nvme-wq)\n[ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff \u003c0f\u003e 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b\n[ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046\n[ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000\n[ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0\n[ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08\n[ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100\n[ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0\n[ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000\n[ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0\n[ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 1136.055910] PKRU: 55555554\n[ 1136.058623] Call Trace:\n[ 1136.061074] \u003cTASK\u003e\n[ 1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.071898] ? move_linked_works+0x4a/0xa0\n[ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.081744] ? __die_body.cold+0x8/0x12\n[ 1136.085584] ? die+0x2e/0x50\n[ 1136.088469] ? do_trap+0xca/0x110\n[ 1136.091789] ? do_error_trap+0x65/0x80\n[ 1136.095543] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.101289] ? exc_invalid_op+0x50/0x70\n[ 1136.105127] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20\n[ 1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.120806] move_linked_works+0x4a/0xa0\n[ 1136.124733] worker_thread+0x216/0x3a0\n[ 1136.128485] ? __pfx_worker_thread+0x10/0x10\n[ 1136.132758] kthread+0xfa/0x240\n[ 1136.135904] ? __pfx_kthread+0x10/0x10\n[ 1136.139657] ret_from_fork+0x31/0x50\n[ 1136.143236] ? __pfx_kthread+0x10/0x10\n[ 1136.146988] ret_from_fork_asm+0x1a/0x30\n[ 1136.150915] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40261",
"url": "https://www.suse.com/security/cve/CVE-2025-40261"
},
{
"category": "external",
"summary": "SUSE Bug 1254839 for CVE-2025-40261",
"url": "https://bugzilla.suse.com/1254839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40261"
},
{
"cve": "CVE-2025-40264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: pass wrb_params in case of OS2BMC\n\nbe_insert_vlan_in_pkt() is called with the wrb_params argument being NULL\nat be_send_pkt_to_bmc() call site. This may lead to dereferencing a NULL\npointer when processing a workaround for specific packet, as commit\nbc0c3405abbb (\"be2net: fix a Tx stall bug caused by a specific ipv6\npacket\") states.\n\nThe correct way would be to pass the wrb_params from be_xmit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40264",
"url": "https://www.suse.com/security/cve/CVE-2025-40264"
},
{
"category": "external",
"summary": "SUSE Bug 1254835 for CVE-2025-40264",
"url": "https://bugzilla.suse.com/1254835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40264"
},
{
"cve": "CVE-2025-40328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_close_cached_fid()\n\nfind_or_create_cached_dir() could grab a new reference after kref_put()\nhad seen the refcount drop to zero but before cfid_list_lock is acquired\nin smb2_close_cached_fid(), leading to use-after-free.\n\nSwitch to kref_put_lock() so cfid_release() is called with\ncfid_list_lock held, closing that gap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40328",
"url": "https://www.suse.com/security/cve/CVE-2025-40328"
},
{
"category": "external",
"summary": "SUSE Bug 1254624 for CVE-2025-40328",
"url": "https://bugzilla.suse.com/1254624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40328"
},
{
"cve": "CVE-2025-40350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40350"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ\n\nXDP programs can change the layout of an xdp_buff through\nbpf_xdp_adjust_tail() and bpf_xdp_adjust_head(). Therefore, the driver\ncannot assume the size of the linear data area nor fragments. Fix the\nbug in mlx5 by generating skb according to xdp_buff after XDP programs\nrun.\n\nCurrently, when handling multi-buf XDP, the mlx5 driver assumes the\nlayout of an xdp_buff to be unchanged. That is, the linear data area\ncontinues to be empty and fragments remain the same. This may cause\nthe driver to generate erroneous skb or triggering a kernel\nwarning. When an XDP program added linear data through\nbpf_xdp_adjust_head(), the linear data will be ignored as\nmlx5e_build_linear_skb() builds an skb without linear data and then\npull data from fragments to fill the linear data area. When an XDP\nprogram has shrunk the non-linear data through bpf_xdp_adjust_tail(),\nthe delta passed to __pskb_pull_tail() may exceed the actual nonlinear\ndata size and trigger the BUG_ON in it.\n\nTo fix the issue, first record the original number of fragments. If the\nnumber of fragments changes after the XDP program runs, rewind the end\nfragment pointer by the difference and recalculate the truesize. Then,\nbuild the skb with the linear data area matching the xdp_buff. Finally,\nonly pull data in if there is non-linear data and fill the linear part\nup to 256 bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40350",
"url": "https://www.suse.com/security/cve/CVE-2025-40350"
},
{
"category": "external",
"summary": "SUSE Bug 1255260 for CVE-2025-40350",
"url": "https://bugzilla.suse.com/1255260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40350"
},
{
"cve": "CVE-2025-40355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40355"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysfs: check visibility before changing group attribute ownership\n\nSince commit 0c17270f9b92 (\"net: sysfs: Implement is_visible for\nphys_(port_id, port_name, switch_id)\"), __dev_change_net_namespace() can\nhit WARN_ON() when trying to change owner of a file that isn\u0027t visible.\nSee the trace below:\n\n WARNING: CPU: 6 PID: 2938 at net/core/dev.c:12410 __dev_change_net_namespace+0xb89/0xc30\n CPU: 6 UID: 0 PID: 2938 Comm: incusd Not tainted 6.17.1-1-mainline #1 PREEMPT(full) 4b783b4a638669fb644857f484487d17cb45ed1f\n Hardware name: Framework Laptop 13 (AMD Ryzen 7040Series)/FRANMDCP07, BIOS 03.07 02/19/2025\n RIP: 0010:__dev_change_net_namespace+0xb89/0xc30\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? if6_seq_show+0x30/0x50\n do_setlink.isra.0+0xc7/0x1270\n ? __nla_validate_parse+0x5c/0xcc0\n ? security_capable+0x94/0x1a0\n rtnl_newlink+0x858/0xc20\n ? update_curr+0x8e/0x1c0\n ? update_entity_lag+0x71/0x80\n ? sched_balance_newidle+0x358/0x450\n ? psi_task_switch+0x113/0x2a0\n ? __pfx_rtnl_newlink+0x10/0x10\n rtnetlink_rcv_msg+0x346/0x3e0\n ? sched_clock+0x10/0x30\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x59/0x110\n netlink_unicast+0x285/0x3c0\n ? __alloc_skb+0xdb/0x1a0\n netlink_sendmsg+0x20d/0x430\n ____sys_sendmsg+0x39f/0x3d0\n ? import_iovec+0x2f/0x40\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x81/0x970\n ? __sys_bind+0xe3/0x110\n ? syscall_exit_work+0x143/0x1b0\n ? do_syscall_64+0x244/0x970\n ? sock_alloc_file+0x63/0xc0\n ? syscall_exit_work+0x143/0x1b0\n ? do_syscall_64+0x244/0x970\n ? alloc_fd+0x12e/0x190\n ? put_unused_fd+0x2a/0x70\n ? do_sys_openat2+0xa2/0xe0\n ? syscall_exit_work+0x143/0x1b0\n ? do_syscall_64+0x244/0x970\n ? exc_page_fault+0x7e/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n\nFix this by checking is_visible() before trying to touch the attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40355",
"url": "https://www.suse.com/security/cve/CVE-2025-40355"
},
{
"category": "external",
"summary": "SUSE Bug 1255261 for CVE-2025-40355",
"url": "https://bugzilla.suse.com/1255261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-40355"
},
{
"cve": "CVE-2025-40363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40363"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix field-spanning memcpy warning in AH output\n\nFix field-spanning memcpy warnings in ah6_output() and\nah6_output_done() where extension headers are copied to/from IPv6\naddress fields, triggering fortify-string warnings about writes beyond\nthe 16-byte address fields.\n\n memcpy: detected field-spanning write (size 40) of single field \"\u0026top_iph-\u003esaddr\" at net/ipv6/ah6.c:439 (size 16)\n WARNING: CPU: 0 PID: 8838 at net/ipv6/ah6.c:439 ah6_output+0xe7e/0x14e0 net/ipv6/ah6.c:439\n\nThe warnings are false positives as the extension headers are\nintentionally placed after the IPv6 header in memory. Fix by properly\ncopying addresses and extension headers separately, and introduce\nhelper functions to avoid code duplication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40363",
"url": "https://www.suse.com/security/cve/CVE-2025-40363"
},
{
"category": "external",
"summary": "SUSE Bug 1255102 for CVE-2025-40363",
"url": "https://bugzilla.suse.com/1255102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "low"
}
],
"title": "CVE-2025-40363"
},
{
"cve": "CVE-2025-68171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Ensure XFD state on signal delivery\n\nSean reported [1] the following splat when running KVM tests:\n\n WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70\n Call Trace:\n \u003cTASK\u003e\n fpu__clear_user_states+0x9c/0x100\n arch_do_signal_or_restart+0x142/0x210\n exit_to_user_mode_loop+0x55/0x100\n do_syscall_64+0x205/0x2c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nChao further identified [2] a reproducible scenario involving signal\ndelivery: a non-AMX task is preempted by an AMX-enabled task which\nmodifies the XFD MSR.\n\nWhen the non-AMX task resumes and reloads XSTATE with init values,\na warning is triggered due to a mismatch between fpstate::xfd and the\nCPU\u0027s current XFD state. fpu__clear_user_states() does not currently\nre-synchronize the XFD state after such preemption.\n\nInvoke xfd_update_state() which detects and corrects the mismatch if\nthere is a dynamic feature.\n\nThis also benefits the sigreturn path, as fpu__restore_sig() may call\nfpu__clear_user_states() when the sigframe is inaccessible.\n\n[ dhansen: minor changelog munging ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68171",
"url": "https://www.suse.com/security/cve/CVE-2025-68171"
},
{
"category": "external",
"summary": "SUSE Bug 1255255 for CVE-2025-68171",
"url": "https://bugzilla.suse.com/1255255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68171"
},
{
"cve": "CVE-2025-68174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68174"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: enhance kfd process check in switch partition\n\ncurrent switch partition only check if kfd_processes_table is empty.\nkfd_prcesses_table entry is deleted in kfd_process_notifier_release, but\nkfd_process tear down is in kfd_process_wq_release.\n\nconsider two processes:\n\nProcess A (workqueue) -\u003e kfd_process_wq_release -\u003e Access kfd_node member\nProcess B switch partition -\u003e amdgpu_xcp_pre_partition_switch -\u003e amdgpu_amdkfd_device_fini_sw\n-\u003e kfd_node tear down.\n\nProcess A and B may trigger a race as shown in dmesg log.\n\nThis patch is to resolve the race by adding an atomic kfd_process counter\nkfd_processes_count, it increment as create kfd process, decrement as\nfinish kfd_process_wq_release.\n\nv2: Put kfd_processes_count per kfd_dev, move decrement to kfd_process_destroy_pdds\nand bug fix. (Philip Yang)\n\n[3966658.307702] divide error: 0000 [#1] SMP NOPTI\n[3966658.350818] i10nm_edac\n[3966658.356318] CPU: 124 PID: 38435 Comm: kworker/124:0 Kdump: loaded Tainted\n[3966658.356890] Workqueue: kfd_process_wq kfd_process_wq_release [amdgpu]\n[3966658.362839] nfit\n[3966658.366457] RIP: 0010:kfd_get_num_sdma_engines+0x17/0x40 [amdgpu]\n[3966658.366460] Code: 00 00 e9 ac 81 02 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 0f 1f 44 00 00 48 8b 4f 08 48 8b b7 00 01 00 00 8b 81 58 26 03 00 99 \u003cf7\u003e be b8 01 00 00 80 b9 70 2e 00 00 00 74 0b 83 f8 02 ba 02 00 00\n[3966658.380967] x86_pkg_temp_thermal\n[3966658.391529] RSP: 0018:ffffc900a0edfdd8 EFLAGS: 00010246\n[3966658.391531] RAX: 0000000000000008 RBX: ffff8974e593b800 RCX: ffff888645900000\n[3966658.391531] RDX: 0000000000000000 RSI: ffff888129154400 RDI: ffff888129151c00\n[3966658.391532] RBP: ffff8883ad79d400 R08: 0000000000000000 R09: ffff8890d2750af4\n[3966658.391532] R10: 0000000000000018 R11: 0000000000000018 R12: 0000000000000000\n[3966658.391533] R13: ffff8883ad79d400 R14: ffffe87ff662ba00 R15: ffff8974e593b800\n[3966658.391533] FS: 0000000000000000(0000) GS:ffff88fe7f600000(0000) knlGS:0000000000000000\n[3966658.391534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[3966658.391534] CR2: 0000000000d71000 CR3: 000000dd0e970004 CR4: 0000000002770ee0\n[3966658.391535] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[3966658.391535] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[3966658.391536] PKRU: 55555554\n[3966658.391536] Call Trace:\n[3966658.391674] deallocate_sdma_queue+0x38/0xa0 [amdgpu]\n[3966658.391762] process_termination_cpsch+0x1ed/0x480 [amdgpu]\n[3966658.399754] intel_powerclamp\n[3966658.402831] kfd_process_dequeue_from_all_devices+0x5b/0xc0 [amdgpu]\n[3966658.402908] kfd_process_wq_release+0x1a/0x1a0 [amdgpu]\n[3966658.410516] coretemp\n[3966658.434016] process_one_work+0x1ad/0x380\n[3966658.434021] worker_thread+0x49/0x310\n[3966658.438963] kvm_intel\n[3966658.446041] ? process_one_work+0x380/0x380\n[3966658.446045] kthread+0x118/0x140\n[3966658.446047] ? __kthread_bind_mask+0x60/0x60\n[3966658.446050] ret_from_fork+0x1f/0x30\n[3966658.446053] Modules linked in: kpatch_20765354(OEK)\n[3966658.455310] kvm\n[3966658.464534] mptcp_diag xsk_diag raw_diag unix_diag af_packet_diag netlink_diag udp_diag act_pedit act_mirred act_vlan cls_flower kpatch_21951273(OEK) kpatch_18424469(OEK) kpatch_19749756(OEK)\n[3966658.473462] idxd_mdev\n[3966658.482306] kpatch_17971294(OEK) sch_ingress xt_conntrack amdgpu(OE) amdxcp(OE) amddrm_buddy(OE) amd_sched(OE) amdttm(OE) amdkcl(OE) intel_ifs iptable_mangle tcm_loop target_core_pscsi tcp_diag target_core_file inet_diag target_core_iblock target_core_user target_core_mod coldpgs kpatch_18383292(OEK) ip6table_nat ip6table_filter ip6_tables ip_set_hash_ipportip ip_set_hash_ipportnet ip_set_hash_ipport ip_set_bitmap_port xt_comment iptable_nat nf_nat iptable_filter ip_tables ip_set ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 sn_core_odd(OE) i40e overlay binfmt_misc tun bonding(OE) aisqos(OE) aisqo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68174",
"url": "https://www.suse.com/security/cve/CVE-2025-68174"
},
{
"category": "external",
"summary": "SUSE Bug 1255327 for CVE-2025-68174",
"url": "https://bugzilla.suse.com/1255327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68174"
},
{
"cve": "CVE-2025-68178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix possible deadlock while configuring policy\n\nFollowing deadlock can be triggered easily by lockdep:\n\nWARNING: possible circular locking dependency detected\n6.17.0-rc3-00124-ga12c2658ced0 #1665 Not tainted\n------------------------------------------------------\ncheck/1334 is trying to acquire lock:\nff1100011d9d0678 (\u0026q-\u003esysfs_lock){+.+.}-{4:4}, at: blk_unregister_queue+0x53/0x180\n\nbut task is already holding lock:\nff1100011d9d00e0 (\u0026q-\u003eq_usage_counter(queue)#3){++++}-{0:0}, at: del_gendisk+0xba/0x110\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #2 (\u0026q-\u003eq_usage_counter(queue)#3){++++}-{0:0}:\n blk_queue_enter+0x40b/0x470\n blkg_conf_prep+0x7b/0x3c0\n tg_set_limit+0x10a/0x3e0\n cgroup_file_write+0xc6/0x420\n kernfs_fop_write_iter+0x189/0x280\n vfs_write+0x256/0x490\n ksys_write+0x83/0x190\n __x64_sys_write+0x21/0x30\n x64_sys_call+0x4608/0x4630\n do_syscall_64+0xdb/0x6b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n-\u003e #1 (\u0026q-\u003erq_qos_mutex){+.+.}-{4:4}:\n __mutex_lock+0xd8/0xf50\n mutex_lock_nested+0x2b/0x40\n wbt_init+0x17e/0x280\n wbt_enable_default+0xe9/0x140\n blk_register_queue+0x1da/0x2e0\n __add_disk+0x38c/0x5d0\n add_disk_fwnode+0x89/0x250\n device_add_disk+0x18/0x30\n virtblk_probe+0x13a3/0x1800\n virtio_dev_probe+0x389/0x610\n really_probe+0x136/0x620\n __driver_probe_device+0xb3/0x230\n driver_probe_device+0x2f/0xe0\n __driver_attach+0x158/0x250\n bus_for_each_dev+0xa9/0x130\n driver_attach+0x26/0x40\n bus_add_driver+0x178/0x3d0\n driver_register+0x7d/0x1c0\n __register_virtio_driver+0x2c/0x60\n virtio_blk_init+0x6f/0xe0\n do_one_initcall+0x94/0x540\n kernel_init_freeable+0x56a/0x7b0\n kernel_init+0x2b/0x270\n ret_from_fork+0x268/0x4c0\n ret_from_fork_asm+0x1a/0x30\n\n-\u003e #0 (\u0026q-\u003esysfs_lock){+.+.}-{4:4}:\n __lock_acquire+0x1835/0x2940\n lock_acquire+0xf9/0x450\n __mutex_lock+0xd8/0xf50\n mutex_lock_nested+0x2b/0x40\n blk_unregister_queue+0x53/0x180\n __del_gendisk+0x226/0x690\n del_gendisk+0xba/0x110\n sd_remove+0x49/0xb0 [sd_mod]\n device_remove+0x87/0xb0\n device_release_driver_internal+0x11e/0x230\n device_release_driver+0x1a/0x30\n bus_remove_device+0x14d/0x220\n device_del+0x1e1/0x5a0\n __scsi_remove_device+0x1ff/0x2f0\n scsi_remove_device+0x37/0x60\n sdev_store_delete+0x77/0x100\n dev_attr_store+0x1f/0x40\n sysfs_kf_write+0x65/0x90\n kernfs_fop_write_iter+0x189/0x280\n vfs_write+0x256/0x490\n ksys_write+0x83/0x190\n __x64_sys_write+0x21/0x30\n x64_sys_call+0x4608/0x4630\n do_syscall_64+0xdb/0x6b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nother info that might help us debug this:\n\nChain exists of:\n \u0026q-\u003esysfs_lock --\u003e \u0026q-\u003erq_qos_mutex --\u003e \u0026q-\u003eq_usage_counter(queue)#3\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026q-\u003eq_usage_counter(queue)#3);\n lock(\u0026q-\u003erq_qos_mutex);\n lock(\u0026q-\u003eq_usage_counter(queue)#3);\n lock(\u0026q-\u003esysfs_lock);\n\nRoot cause is that queue_usage_counter is grabbed with rq_qos_mutex\nheld in blkg_conf_prep(), while queue should be freezed before\nrq_qos_mutex from other context.\n\nThe blk_queue_enter() from blkg_conf_prep() is used to protect against\npolicy deactivation, which is already protected with blkcg_mutex, hence\nconvert blk_queue_enter() to blkcg_mutex to fix this problem. Meanwhile,\nconsider that blkcg_mutex is held after queue is freezed from policy\ndeactivation, also convert blkg_alloc() to use GFP_NOIO.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68178",
"url": "https://www.suse.com/security/cve/CVE-2025-68178"
},
{
"category": "external",
"summary": "SUSE Bug 1255266 for CVE-2025-68178",
"url": "https://bugzilla.suse.com/1255266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68178"
},
{
"cve": "CVE-2025-68188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()\n\nUse RCU to avoid a pair of atomic operations and a potential\nUAF on dst_dev()-\u003eflags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68188",
"url": "https://www.suse.com/security/cve/CVE-2025-68188"
},
{
"category": "external",
"summary": "SUSE Bug 1255269 for CVE-2025-68188",
"url": "https://bugzilla.suse.com/1255269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68188"
},
{
"cve": "CVE-2025-68200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add bpf_prog_run_data_pointers()\n\nsyzbot found that cls_bpf_classify() is able to change\ntc_skb_cb(skb)-\u003edrop_reason triggering a warning in sk_skb_reason_drop().\n\nWARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 __sk_skb_reason_drop net/core/skbuff.c:1189 [inline]\nWARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 sk_skb_reason_drop+0x76/0x170 net/core/skbuff.c:1214\n\nstruct tc_skb_cb has been added in commit ec624fe740b4 (\"net/sched:\nExtend qdisc control block with tc control block\"), which added a wrong\ninteraction with db58ba459202 (\"bpf: wire in data and data_end for\ncls_act_bpf\").\n\ndrop_reason was added later.\n\nAdd bpf_prog_run_data_pointers() helper to save/restore the net_sched\nstorage colliding with BPF data_meta/data_end.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68200",
"url": "https://www.suse.com/security/cve/CVE-2025-68200"
},
{
"category": "external",
"summary": "SUSE Bug 1255241 for CVE-2025-68200",
"url": "https://bugzilla.suse.com/1255241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68200"
},
{
"cve": "CVE-2025-68215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix PTP cleanup on driver removal in error path\n\nImprove the cleanup on releasing PTP resources in error path.\nThe error case might happen either at the driver probe and PTP\nfeature initialization or on PTP restart (errors in reset handling, NVM\nupdate etc). In both cases, calls to PF PTP cleanup (ice_ptp_cleanup_pf\nfunction) and \u0027ps_lock\u0027 mutex deinitialization were missed.\nAdditionally, ptp clock was not unregistered in the latter case.\n\nKeep PTP state as \u0027uninitialized\u0027 on init to distinguish between error\nscenarios and to avoid resource release duplication at driver removal.\n\nThe consequence of missing ice_ptp_cleanup_pf call is the following call\ntrace dumped when ice_adapter object is freed (port list is not empty,\nas it is required at this stage):\n\n[ T93022] ------------[ cut here ]------------\n[ T93022] WARNING: CPU: 10 PID: 93022 at\nice/ice_adapter.c:67 ice_adapter_put+0xef/0x100 [ice]\n...\n[ T93022] RIP: 0010:ice_adapter_put+0xef/0x100 [ice]\n...\n[ T93022] Call Trace:\n[ T93022] \u003cTASK\u003e\n[ T93022] ? ice_adapter_put+0xef/0x100 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n[ T93022] ? __warn.cold+0xb0/0x10e\n[ T93022] ? ice_adapter_put+0xef/0x100 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n[ T93022] ? report_bug+0xd8/0x150\n[ T93022] ? handle_bug+0xe9/0x110\n[ T93022] ? exc_invalid_op+0x17/0x70\n[ T93022] ? asm_exc_invalid_op+0x1a/0x20\n[ T93022] ? ice_adapter_put+0xef/0x100 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n[ T93022] pci_device_remove+0x42/0xb0\n[ T93022] device_release_driver_internal+0x19f/0x200\n[ T93022] driver_detach+0x48/0x90\n[ T93022] bus_remove_driver+0x70/0xf0\n[ T93022] pci_unregister_driver+0x42/0xb0\n[ T93022] ice_module_exit+0x10/0xdb0 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n...\n[ T93022] ---[ end trace 0000000000000000 ]---\n[ T93022] ice: module unloaded",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68215",
"url": "https://www.suse.com/security/cve/CVE-2025-68215"
},
{
"category": "external",
"summary": "SUSE Bug 1255226 for CVE-2025-68215",
"url": "https://bugzilla.suse.com/1255226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68215"
},
{
"cve": "CVE-2025-68227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: Fix proto fallback detection with BPF\n\nThe sockmap feature allows bpf syscall from userspace, or based\non bpf sockops, replacing the sk_prot of sockets during protocol stack\nprocessing with sockmap\u0027s custom read/write interfaces.\n\u0027\u0027\u0027\ntcp_rcv_state_process()\n syn_recv_sock()/subflow_syn_recv_sock()\n tcp_init_transfer(BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB)\n bpf_skops_established \u003c== sockops\n bpf_sock_map_update(sk) \u003c== call bpf helper\n tcp_bpf_update_proto() \u003c== update sk_prot\n\u0027\u0027\u0027\n\nWhen the server has MPTCP enabled but the client sends a TCP SYN\nwithout MPTCP, subflow_syn_recv_sock() performs a fallback on the\nsubflow, replacing the subflow sk\u0027s sk_prot with the native sk_prot.\n\u0027\u0027\u0027\nsubflow_syn_recv_sock()\n subflow_ulp_fallback()\n subflow_drop_ctx()\n mptcp_subflow_ops_undo_override()\n\u0027\u0027\u0027\n\nThen, this subflow can be normally used by sockmap, which replaces the\nnative sk_prot with sockmap\u0027s custom sk_prot. The issue occurs when the\nuser executes accept::mptcp_stream_accept::mptcp_fallback_tcp_ops().\nHere, it uses sk-\u003esk_prot to compare with the native sk_prot, but this\nis incorrect when sockmap is used, as we may incorrectly set\nsk-\u003esk_socket-\u003eops.\n\nThis fix uses the more generic sk_family for the comparison instead.\n\nAdditionally, this also prevents a WARNING from occurring:\n\nresult from ./scripts/decode_stacktrace.sh:\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 337 at net/mptcp/protocol.c:68 mptcp_stream_accept \\\n(net/mptcp/protocol.c:4005)\nModules linked in:\n...\n\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\ndo_accept (net/socket.c:1989)\n__sys_accept4 (net/socket.c:2028 net/socket.c:2057)\n__x64_sys_accept (net/socket.c:2067)\nx64_sys_call (arch/x86/entry/syscall_64.c:41)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f87ac92b83d\n\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68227",
"url": "https://www.suse.com/security/cve/CVE-2025-68227"
},
{
"category": "external",
"summary": "SUSE Bug 1255216 for CVE-2025-68227",
"url": "https://bugzilla.suse.com/1255216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68227"
},
{
"cve": "CVE-2025-68241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68241"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe\n\nThe sit driver\u0027s packet transmission path calls: sit_tunnel_xmit() -\u003e\nupdate_or_create_fnhe(), which lead to fnhe_remove_oldest() being called\nto delete entries exceeding FNHE_RECLAIM_DEPTH+random.\n\nThe race window is between fnhe_remove_oldest() selecting fnheX for\ndeletion and the subsequent kfree_rcu(). During this time, the\nconcurrent path\u0027s __mkroute_output() -\u003e find_exception() can fetch the\nsoon-to-be-deleted fnheX, and rt_bind_exception() then binds it with a\nnew dst using a dst_hold(). When the original fnheX is freed via RCU,\nthe dst reference remains permanently leaked.\n\nCPU 0 CPU 1\n__mkroute_output()\n find_exception() [fnheX]\n update_or_create_fnhe()\n fnhe_remove_oldest() [fnheX]\n rt_bind_exception() [bind dst]\n RCU callback [fnheX freed, dst leak]\n\nThis issue manifests as a device reference count leak and a warning in\ndmesg when unregistering the net device:\n\n unregister_netdevice: waiting for sitX to become free. Usage count = N\n\nIdo Schimmel provided the simple test validation method [1].\n\nThe fix clears \u0027oldest-\u003efnhe_daddr\u0027 before calling fnhe_flush_routes().\nSince rt_bind_exception() checks this field, setting it to zero prevents\nthe stale fnhe from being reused and bound to a new dst just before it\nis freed.\n\n[1]\nip netns add ns1\nip -n ns1 link set dev lo up\nip -n ns1 address add 192.0.2.1/32 dev lo\nip -n ns1 link add name dummy1 up type dummy\nip -n ns1 route add 192.0.2.2/32 dev dummy1\nip -n ns1 link add name gretap1 up arp off type gretap \\\n local 192.0.2.1 remote 192.0.2.2\nip -n ns1 route add 198.51.0.0/16 dev gretap1\ntaskset -c 0 ip netns exec ns1 mausezahn gretap1 \\\n -A 198.51.100.1 -B 198.51.0.0/16 -t udp -p 1000 -c 0 -q \u0026\ntaskset -c 2 ip netns exec ns1 mausezahn gretap1 \\\n -A 198.51.100.1 -B 198.51.0.0/16 -t udp -p 1000 -c 0 -q \u0026\nsleep 10\nip netns pids ns1 | xargs kill\nip netns del ns1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68241",
"url": "https://www.suse.com/security/cve/CVE-2025-68241"
},
{
"category": "external",
"summary": "SUSE Bug 1255157 for CVE-2025-68241",
"url": "https://bugzilla.suse.com/1255157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68241"
},
{
"cve": "CVE-2025-68245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: netpoll: fix incorrect refcount handling causing incorrect cleanup\n\ncommit efa95b01da18 (\"netpoll: fix use after free\") incorrectly\nignored the refcount and prematurely set dev-\u003enpinfo to NULL during\nnetpoll cleanup, leading to improper behavior and memory leaks.\n\nScenario causing lack of proper cleanup:\n\n1) A netpoll is associated with a NIC (e.g., eth0) and netdev-\u003enpinfo is\n allocated, and refcnt = 1\n - Keep in mind that npinfo is shared among all netpoll instances. In\n this case, there is just one.\n\n2) Another netpoll is also associated with the same NIC and\n npinfo-\u003erefcnt += 1.\n - Now dev-\u003enpinfo-\u003erefcnt = 2;\n - There is just one npinfo associated to the netdev.\n\n3) When the first netpolls goes to clean up:\n - The first cleanup succeeds and clears np-\u003edev-\u003enpinfo, ignoring\n refcnt.\n - It basically calls `RCU_INIT_POINTER(np-\u003edev-\u003enpinfo, NULL);`\n - Set dev-\u003enpinfo = NULL, without proper cleanup\n - No -\u003endo_netpoll_cleanup() is either called\n\n4) Now the second target tries to clean up\n - The second cleanup fails because np-\u003edev-\u003enpinfo is already NULL.\n * In this case, ops-\u003endo_netpoll_cleanup() was never called, and\n the skb pool is not cleaned as well (for the second netpoll\n instance)\n - This leaks npinfo and skbpool skbs, which is clearly reported by\n kmemleak.\n\nRevert commit efa95b01da18 (\"netpoll: fix use after free\") and adds\nclarifying comments emphasizing that npinfo cleanup should only happen\nonce the refcount reaches zero, ensuring stable and correct netpoll\nbehavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68245",
"url": "https://www.suse.com/security/cve/CVE-2025-68245"
},
{
"category": "external",
"summary": "SUSE Bug 1255268 for CVE-2025-68245",
"url": "https://bugzilla.suse.com/1255268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68245"
},
{
"cve": "CVE-2025-68254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing\n\nThe Extended Supported Rates (ESR) IE handling in OnBeacon accessed\n*(p + 1 + ielen) and *(p + 2 + ielen) without verifying that these\noffsets lie within the received frame buffer. A malformed beacon with\nan ESR IE positioned at the end of the buffer could cause an\nout-of-bounds read, potentially triggering a kernel panic.\n\nAdd a boundary check to ensure that the ESR IE body and the subsequent\nbytes are within the limits of the frame before attempting to access\nthem.\n\nThis prevents OOB reads caused by malformed beacon frames.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68254",
"url": "https://www.suse.com/security/cve/CVE-2025-68254"
},
{
"category": "external",
"summary": "SUSE Bug 1255140 for CVE-2025-68254",
"url": "https://bugzilla.suse.com/1255140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68254"
},
{
"cve": "CVE-2025-68256",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68256"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser\n\nThe Information Element (IE) parser rtw_get_ie() trusted the length\nbyte of each IE without validating that the IE body (len bytes after\nthe 2-byte header) fits inside the remaining frame buffer. A malformed\nframe can advertise an IE length larger than the available data, causing\nthe parser to increment its pointer beyond the buffer end. This results\nin out-of-bounds reads or, depending on the pattern, an infinite loop.\n\nFix by validating that (offset + 2 + len) does not exceed the limit\nbefore accepting the IE or advancing to the next element.\n\nThis prevents OOB reads and ensures the parser terminates safely on\nmalformed frames.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68256",
"url": "https://www.suse.com/security/cve/CVE-2025-68256"
},
{
"category": "external",
"summary": "SUSE Bug 1255138 for CVE-2025-68256",
"url": "https://bugzilla.suse.com/1255138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68256"
},
{
"cve": "CVE-2025-68261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add i_data_sem protection in ext4_destroy_inline_data_nolock()\n\nFix a race between inline data destruction and block mapping.\n\nThe function ext4_destroy_inline_data_nolock() changes the inode data\nlayout by clearing EXT4_INODE_INLINE_DATA and setting EXT4_INODE_EXTENTS.\nAt the same time, another thread may execute ext4_map_blocks(), which\ntests EXT4_INODE_EXTENTS to decide whether to call ext4_ext_map_blocks()\nor ext4_ind_map_blocks().\n\nWithout i_data_sem protection, ext4_ind_map_blocks() may receive inode\nwith EXT4_INODE_EXTENTS flag and triggering assert.\n\nkernel BUG at fs/ext4/indirect.c:546!\nEXT4-fs (loop2): unmounting filesystem.\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:ext4_ind_map_blocks.cold+0x2b/0x5a fs/ext4/indirect.c:546\n\nCall Trace:\n \u003cTASK\u003e\n ext4_map_blocks+0xb9b/0x16f0 fs/ext4/inode.c:681\n _ext4_get_block+0x242/0x590 fs/ext4/inode.c:822\n ext4_block_write_begin+0x48b/0x12c0 fs/ext4/inode.c:1124\n ext4_write_begin+0x598/0xef0 fs/ext4/inode.c:1255\n ext4_da_write_begin+0x21e/0x9c0 fs/ext4/inode.c:3000\n generic_perform_write+0x259/0x5d0 mm/filemap.c:3846\n ext4_buffered_write_iter+0x15b/0x470 fs/ext4/file.c:285\n ext4_file_write_iter+0x8e0/0x17f0 fs/ext4/file.c:679\n call_write_iter include/linux/fs.h:2271 [inline]\n do_iter_readv_writev+0x212/0x3c0 fs/read_write.c:735\n do_iter_write+0x186/0x710 fs/read_write.c:861\n vfs_iter_write+0x70/0xa0 fs/read_write.c:902\n iter_file_splice_write+0x73b/0xc90 fs/splice.c:685\n do_splice_from fs/splice.c:763 [inline]\n direct_splice_actor+0x10f/0x170 fs/splice.c:950\n splice_direct_to_actor+0x33a/0xa10 fs/splice.c:896\n do_splice_direct+0x1a9/0x280 fs/splice.c:1002\n do_sendfile+0xb13/0x12c0 fs/read_write.c:1255\n __do_sys_sendfile64 fs/read_write.c:1323 [inline]\n __se_sys_sendfile64 fs/read_write.c:1309 [inline]\n __x64_sys_sendfile64+0x1cf/0x210 fs/read_write.c:1309\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68261",
"url": "https://www.suse.com/security/cve/CVE-2025-68261"
},
{
"category": "external",
"summary": "SUSE Bug 1255164 for CVE-2025-68261",
"url": "https://bugzilla.suse.com/1255164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68261"
},
{
"cve": "CVE-2025-68284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds writes in handle_auth_session_key()\n\nThe len field originates from untrusted network packets. Boundary\nchecks have been added to prevent potential out-of-bounds writes when\ndecrypting the connection secret or processing service tickets.\n\n[ idryomov: changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68284",
"url": "https://www.suse.com/security/cve/CVE-2025-68284"
},
{
"category": "external",
"summary": "SUSE Bug 1255377 for CVE-2025-68284",
"url": "https://bugzilla.suse.com/1255377"
},
{
"category": "external",
"summary": "SUSE Bug 1255378 for CVE-2025-68284",
"url": "https://bugzilla.suse.com/1255378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-68284"
},
{
"cve": "CVE-2025-68285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68285"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: fix potential use-after-free in have_mon_and_osd_map()\n\nThe wait loop in __ceph_open_session() can race with the client\nreceiving a new monmap or osdmap shortly after the initial map is\nreceived. Both ceph_monc_handle_map() and handle_one_map() install\na new map immediately after freeing the old one\n\n kfree(monc-\u003emonmap);\n monc-\u003emonmap = monmap;\n\n ceph_osdmap_destroy(osdc-\u003eosdmap);\n osdc-\u003eosdmap = newmap;\n\nunder client-\u003emonc.mutex and client-\u003eosdc.lock respectively, but\nbecause neither is taken in have_mon_and_osd_map() it\u0027s possible for\nclient-\u003emonc.monmap-\u003eepoch and client-\u003eosdc.osdmap-\u003eepoch arms in\n\n client-\u003emonc.monmap \u0026\u0026 client-\u003emonc.monmap-\u003eepoch \u0026\u0026\n client-\u003eosdc.osdmap \u0026\u0026 client-\u003eosdc.osdmap-\u003eepoch;\n\ncondition to dereference an already freed map. This happens to be\nreproducible with generic/395 and generic/397 with KASAN enabled:\n\n BUG: KASAN: slab-use-after-free in have_mon_and_osd_map+0x56/0x70\n Read of size 4 at addr ffff88811012d810 by task mount.ceph/13305\n CPU: 2 UID: 0 PID: 13305 Comm: mount.ceph Not tainted 6.14.0-rc2-build2+ #1266\n ...\n Call Trace:\n \u003cTASK\u003e\n have_mon_and_osd_map+0x56/0x70\n ceph_open_session+0x182/0x290\n ceph_get_tree+0x333/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\n Allocated by task 13305:\n ceph_osdmap_alloc+0x16/0x130\n ceph_osdc_init+0x27a/0x4c0\n ceph_create_client+0x153/0x190\n create_fs_client+0x50/0x2a0\n ceph_get_tree+0xff/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Freed by task 9475:\n kfree+0x212/0x290\n handle_one_map+0x23c/0x3b0\n ceph_osdc_handle_map+0x3c9/0x590\n mon_dispatch+0x655/0x6f0\n ceph_con_process_message+0xc3/0xe0\n ceph_con_v1_try_read+0x614/0x760\n ceph_con_workfn+0x2de/0x650\n process_one_work+0x486/0x7c0\n process_scheduled_works+0x73/0x90\n worker_thread+0x1c8/0x2a0\n kthread+0x2ec/0x300\n ret_from_fork+0x24/0x40\n ret_from_fork_asm+0x1a/0x30\n\nRewrite the wait loop to check the above condition directly with\nclient-\u003emonc.mutex and client-\u003eosdc.lock taken as appropriate. While\nat it, improve the timeout handling (previously mount_timeout could be\nexceeded in case wait_event_interruptible_timeout() slept more than\nonce) and access client-\u003eauth_err under client-\u003emonc.mutex to match\nhow it\u0027s set in finish_auth().\n\nmonmap_show() and osdmap_show() now take the respective lock before\naccessing the map as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68285",
"url": "https://www.suse.com/security/cve/CVE-2025-68285"
},
{
"category": "external",
"summary": "SUSE Bug 1255401 for CVE-2025-68285",
"url": "https://bugzilla.suse.com/1255401"
},
{
"category": "external",
"summary": "SUSE Bug 1255402 for CVE-2025-68285",
"url": "https://bugzilla.suse.com/1255402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-68285"
},
{
"cve": "CVE-2025-68296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup\n\nProtect vga_switcheroo_client_fb_set() with console lock. Avoids OOB\naccess in fbcon_remap_all(). Without holding the console lock the call\nraces with switching outputs.\n\nVGA switcheroo calls fbcon_remap_all() when switching clients. The fbcon\nfunction uses struct fb_info.node, which is set by register_framebuffer().\nAs the fb-helper code currently sets up VGA switcheroo before registering\nthe framebuffer, the value of node is -1 and therefore not a legal value.\nFor example, fbcon uses the value within set_con2fb_map() [1] as an index\ninto an array.\n\nMoving vga_switcheroo_client_fb_set() after register_framebuffer() can\nresult in VGA switching that does not switch fbcon correctly.\n\nTherefore move vga_switcheroo_client_fb_set() under fbcon_fb_registered(),\nwhich already holds the console lock. Fbdev calls fbcon_fb_registered()\nfrom within register_framebuffer(). Serializes the helper with VGA\nswitcheroo\u0027s call to fbcon_remap_all().\n\nAlthough vga_switcheroo_client_fb_set() takes an instance of struct fb_info\nas parameter, it really only needs the contained fbcon state. Moving the\ncall to fbcon initialization is therefore cleaner than before. Only amdgpu,\ni915, nouveau and radeon support vga_switcheroo. For all other drivers,\nthis change does nothing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68296",
"url": "https://www.suse.com/security/cve/CVE-2025-68296"
},
{
"category": "external",
"summary": "SUSE Bug 1255128 for CVE-2025-68296",
"url": "https://bugzilla.suse.com/1255128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68296"
},
{
"cve": "CVE-2025-68297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix crash in process_v2_sparse_read() for encrypted directories\n\nThe crash in process_v2_sparse_read() for fscrypt-encrypted directories\nhas been reported. Issue takes place for Ceph msgr2 protocol in secure\nmode. It can be reproduced by the steps:\n\nsudo mount -t ceph :/ /mnt/cephfs/ -o name=admin,fs=cephfs,ms_mode=secure\n\n(1) mkdir /mnt/cephfs/fscrypt-test-3\n(2) cp area_decrypted.tar /mnt/cephfs/fscrypt-test-3\n(3) fscrypt encrypt --source=raw_key --key=./my.key /mnt/cephfs/fscrypt-test-3\n(4) fscrypt lock /mnt/cephfs/fscrypt-test-3\n(5) fscrypt unlock --key=my.key /mnt/cephfs/fscrypt-test-3\n(6) cat /mnt/cephfs/fscrypt-test-3/area_decrypted.tar\n(7) Issue has been triggered\n\n[ 408.072247] ------------[ cut here ]------------\n[ 408.072251] WARNING: CPU: 1 PID: 392 at net/ceph/messenger_v2.c:865\nceph_con_v2_try_read+0x4b39/0x72f0\n[ 408.072267] Modules linked in: intel_rapl_msr intel_rapl_common\nintel_uncore_frequency_common intel_pmc_core pmt_telemetry pmt_discovery\npmt_class intel_pmc_ssram_telemetry intel_vsec kvm_intel joydev kvm irqbypass\npolyval_clmulni ghash_clmulni_intel aesni_intel rapl input_leds psmouse\nserio_raw i2c_piix4 vga16fb bochs vgastate i2c_smbus floppy mac_hid qemu_fw_cfg\npata_acpi sch_fq_codel rbd msr parport_pc ppdev lp parport efi_pstore\n[ 408.072304] CPU: 1 UID: 0 PID: 392 Comm: kworker/1:3 Not tainted 6.17.0-rc7+\n[ 408.072307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.17.0-5.fc42 04/01/2014\n[ 408.072310] Workqueue: ceph-msgr ceph_con_workfn\n[ 408.072314] RIP: 0010:ceph_con_v2_try_read+0x4b39/0x72f0\n[ 408.072317] Code: c7 c1 20 f0 d4 ae 50 31 d2 48 c7 c6 60 27 d5 ae 48 c7 c7 f8\n8e 6f b0 68 60 38 d5 ae e8 00 47 61 fe 48 83 c4 18 e9 ac fc ff ff \u003c0f\u003e 0b e9 06\nfe ff ff 4c 8b 9d 98 fd ff ff 0f 84 64 e7 ff ff 89 85\n[ 408.072319] RSP: 0018:ffff88811c3e7a30 EFLAGS: 00010246\n[ 408.072322] RAX: ffffed1024874c6f RBX: ffffea00042c2b40 RCX: 0000000000000f38\n[ 408.072324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n[ 408.072325] RBP: ffff88811c3e7ca8 R08: 0000000000000000 R09: 00000000000000c8\n[ 408.072326] R10: 00000000000000c8 R11: 0000000000000000 R12: 00000000000000c8\n[ 408.072327] R13: dffffc0000000000 R14: ffff8881243a6030 R15: 0000000000003000\n[ 408.072329] FS: 0000000000000000(0000) GS:ffff88823eadf000(0000)\nknlGS:0000000000000000\n[ 408.072331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 408.072332] CR2: 000000c0003c6000 CR3: 000000010c106005 CR4: 0000000000772ef0\n[ 408.072336] PKRU: 55555554\n[ 408.072337] Call Trace:\n[ 408.072338] \u003cTASK\u003e\n[ 408.072340] ? sched_clock_noinstr+0x9/0x10\n[ 408.072344] ? __pfx_ceph_con_v2_try_read+0x10/0x10\n[ 408.072347] ? _raw_spin_unlock+0xe/0x40\n[ 408.072349] ? finish_task_switch.isra.0+0x15d/0x830\n[ 408.072353] ? __kasan_check_write+0x14/0x30\n[ 408.072357] ? mutex_lock+0x84/0xe0\n[ 408.072359] ? __pfx_mutex_lock+0x10/0x10\n[ 408.072361] ceph_con_workfn+0x27e/0x10e0\n[ 408.072364] ? metric_delayed_work+0x311/0x2c50\n[ 408.072367] process_one_work+0x611/0xe20\n[ 408.072371] ? __kasan_check_write+0x14/0x30\n[ 408.072373] worker_thread+0x7e3/0x1580\n[ 408.072375] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ 408.072378] ? __pfx_worker_thread+0x10/0x10\n[ 408.072381] kthread+0x381/0x7a0\n[ 408.072383] ? __pfx__raw_spin_lock_irq+0x10/0x10\n[ 408.072385] ? __pfx_kthread+0x10/0x10\n[ 408.072387] ? __kasan_check_write+0x14/0x30\n[ 408.072389] ? recalc_sigpending+0x160/0x220\n[ 408.072392] ? _raw_spin_unlock_irq+0xe/0x50\n[ 408.072394] ? calculate_sigpending+0x78/0xb0\n[ 408.072395] ? __pfx_kthread+0x10/0x10\n[ 408.072397] ret_from_fork+0x2b6/0x380\n[ 408.072400] ? __pfx_kthread+0x10/0x10\n[ 408.072402] ret_from_fork_asm+0x1a/0x30\n[ 408.072406] \u003c/TASK\u003e\n[ 408.072407] ---[ end trace 0000000000000000 ]---\n[ 408.072418] Oops: general protection fault, probably for non-canonical\naddress 0xdffffc00000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68297",
"url": "https://www.suse.com/security/cve/CVE-2025-68297"
},
{
"category": "external",
"summary": "SUSE Bug 1255403 for CVE-2025-68297",
"url": "https://bugzilla.suse.com/1255403"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68297"
},
{
"cve": "CVE-2025-68301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: fix fragment overflow handling in RX path\n\nThe atlantic driver can receive packets with more than MAX_SKB_FRAGS (17)\nfragments when handling large multi-descriptor packets. This causes an\nout-of-bounds write in skb_add_rx_frag_netmem() leading to kernel panic.\n\nThe issue occurs because the driver doesn\u0027t check the total number of\nfragments before calling skb_add_rx_frag(). When a packet requires more\nthan MAX_SKB_FRAGS fragments, the fragment index exceeds the array bounds.\n\nFix by assuming there will be an extra frag if buff-\u003elen \u003e AQ_CFG_RX_HDR_SIZE,\nthen all fragments are accounted for. And reusing the existing check to\nprevent the overflow earlier in the code path.\n\nThis crash occurred in production with an Aquantia AQC113 10G NIC.\n\nStack trace from production environment:\n```\nRIP: 0010:skb_add_rx_frag_netmem+0x29/0xd0\nCode: 90 f3 0f 1e fa 0f 1f 44 00 00 48 89 f8 41 89\nca 48 89 d7 48 63 ce 8b 90 c0 00 00 00 48 c1 e1 04 48 01 ca 48 03 90\nc8 00 00 00 \u003c48\u003e 89 7a 30 44 89 52 3c 44 89 42 38 40 f6 c7 01 75 74 48\n89 fa 83\nRSP: 0018:ffffa9bec02a8d50 EFLAGS: 00010287\nRAX: ffff925b22e80a00 RBX: ffff925ad38d2700 RCX:\nfffffffe0a0c8000\nRDX: ffff9258ea95bac0 RSI: ffff925ae0a0c800 RDI:\n0000000000037a40\nRBP: 0000000000000024 R08: 0000000000000000 R09:\n0000000000000021\nR10: 0000000000000848 R11: 0000000000000000 R12:\nffffa9bec02a8e24\nR13: ffff925ad8615570 R14: 0000000000000000 R15:\nffff925b22e80a00\nFS: 0000000000000000(0000)\nGS:ffff925e47880000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffff9258ea95baf0 CR3: 0000000166022004 CR4:\n0000000000f72ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\naq_ring_rx_clean+0x175/0xe60 [atlantic]\n? aq_ring_rx_clean+0x14d/0xe60 [atlantic]\n? aq_ring_tx_clean+0xdf/0x190 [atlantic]\n? kmem_cache_free+0x348/0x450\n? aq_vec_poll+0x81/0x1d0 [atlantic]\n? __napi_poll+0x28/0x1c0\n? net_rx_action+0x337/0x420\n```\n\nChanges in v4:\n- Add Fixes: tag to satisfy patch validation requirements.\n\nChanges in v3:\n- Fix by assuming there will be an extra frag if buff-\u003elen \u003e AQ_CFG_RX_HDR_SIZE,\n then all fragments are accounted for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68301",
"url": "https://www.suse.com/security/cve/CVE-2025-68301"
},
{
"category": "external",
"summary": "SUSE Bug 1255120 for CVE-2025-68301",
"url": "https://bugzilla.suse.com/1255120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68301"
},
{
"cve": "CVE-2025-68320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlan966x: Fix sleeping in atomic context\n\nThe following warning was seen when we try to connect using ssh to the device.\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:575\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 104, name: dropbear\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nCPU: 0 UID: 0 PID: 104 Comm: dropbear Tainted: G W 6.18.0-rc2-00399-g6f1ab1b109b9-dirty #530 NONE\nTainted: [W]=WARN\nHardware name: Generic DT based system\nCall trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x7c/0xac\n dump_stack_lvl from __might_resched+0x16c/0x2b0\n __might_resched from __mutex_lock+0x64/0xd34\n __mutex_lock from mutex_lock_nested+0x1c/0x24\n mutex_lock_nested from lan966x_stats_get+0x5c/0x558\n lan966x_stats_get from dev_get_stats+0x40/0x43c\n dev_get_stats from dev_seq_printf_stats+0x3c/0x184\n dev_seq_printf_stats from dev_seq_show+0x10/0x30\n dev_seq_show from seq_read_iter+0x350/0x4ec\n seq_read_iter from seq_read+0xfc/0x194\n seq_read from proc_reg_read+0xac/0x100\n proc_reg_read from vfs_read+0xb0/0x2b0\n vfs_read from ksys_read+0x6c/0xec\n ksys_read from ret_fast_syscall+0x0/0x1c\nException stack(0xf0b11fa8 to 0xf0b11ff0)\n1fa0: 00000001 00001000 00000008 be9048d8 00001000 00000001\n1fc0: 00000001 00001000 00000008 00000003 be905920 0000001e 00000000 00000001\n1fe0: 0005404c be9048c0 00018684 b6ec2cd8\n\nIt seems that we are using a mutex in a atomic context which is wrong.\nChange the mutex with a spinlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68320",
"url": "https://www.suse.com/security/cve/CVE-2025-68320"
},
{
"category": "external",
"summary": "SUSE Bug 1255172 for CVE-2025-68320",
"url": "https://bugzilla.suse.com/1255172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68320"
},
{
"cve": "CVE-2025-68325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_cake: Fix incorrect qlen reduction in cake_drop\n\nIn cake_drop(), qdisc_tree_reduce_backlog() is used to update the qlen\nand backlog of the qdisc hierarchy. Its caller, cake_enqueue(), assumes\nthat the parent qdisc will enqueue the current packet. However, this\nassumption breaks when cake_enqueue() returns NET_XMIT_CN: the parent\nqdisc stops enqueuing current packet, leaving the tree qlen/backlog\naccounting inconsistent. This mismatch can lead to a NULL dereference\n(e.g., when the parent Qdisc is qfq_qdisc).\n\nThis patch computes the qlen/backlog delta in a more robust way by\nobserving the difference before and after the series of cake_drop()\ncalls, and then compensates the qdisc tree accounting if cake_enqueue()\nreturns NET_XMIT_CN.\n\nTo ensure correct compensation when ACK thinning is enabled, a new\nvariable is introduced to keep qlen unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68325",
"url": "https://www.suse.com/security/cve/CVE-2025-68325"
},
{
"category": "external",
"summary": "SUSE Bug 1255417 for CVE-2025-68325",
"url": "https://bugzilla.suse.com/1255417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68325"
},
{
"cve": "CVE-2025-68327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68327"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Fix synchronous external abort on unbind\n\nA synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is\nexecuted after the configuration sequence described above:\n\nmodprobe usb_f_ecm\nmodprobe libcomposite\nmodprobe configfs\ncd /sys/kernel/config/usb_gadget\nmkdir -p g1\ncd g1\necho \"0x1d6b\" \u003e idVendor\necho \"0x0104\" \u003e idProduct\nmkdir -p strings/0x409\necho \"0123456789\" \u003e strings/0x409/serialnumber\necho \"Renesas.\" \u003e strings/0x409/manufacturer\necho \"Ethernet Gadget\" \u003e strings/0x409/product\nmkdir -p functions/ecm.usb0\nmkdir -p configs/c.1\nmkdir -p configs/c.1/strings/0x409\necho \"ECM\" \u003e configs/c.1/strings/0x409/configuration\n\nif [ ! -L configs/c.1/ecm.usb0 ]; then\n ln -s functions/ecm.usb0 configs/c.1\nfi\n\necho 11e20000.usb \u003e UDC\necho 11e20000.usb \u003e /sys/bus/platform/drivers/renesas_usbhs/unbind\n\nThe displayed trace is as follows:\n\n Internal error: synchronous external abort: 0000000096000010 [#1] SMP\n CPU: 0 UID: 0 PID: 188 Comm: sh Tainted: G M 6.17.0-rc7-next-20250922-00010-g41050493b2bd #55 PREEMPT\n Tainted: [M]=MACHINE_CHECK\n Hardware name: Renesas SMARC EVK version 2 based on r9a08g045s33 (DT)\n pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs]\n lr : usbhsg_update_pullup+0x3c/0x68 [renesas_usbhs]\n sp : ffff8000838b3920\n x29: ffff8000838b3920 x28: ffff00000d585780 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: ffff00000c3e3810\n x23: ffff00000d5e5c80 x22: ffff00000d5e5d40 x21: 0000000000000000\n x20: 0000000000000000 x19: ffff00000d5e5c80 x18: 0000000000000020\n x17: 2e30303230316531 x16: 312d7968703a7968 x15: 3d454d414e5f4344\n x14: 000000000000002c x13: 0000000000000000 x12: 0000000000000000\n x11: ffff00000f358f38 x10: ffff00000f358db0 x9 : ffff00000b41f418\n x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\n x5 : 8080808000000000 x4 : 000000004b5ccb9d x3 : 0000000000000000\n x2 : 0000000000000000 x1 : ffff800083790000 x0 : ffff00000d5e5c80\n Call trace:\n usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs] (P)\n usbhsg_pullup+0x4c/0x7c [renesas_usbhs]\n usb_gadget_disconnect_locked+0x48/0xd4\n gadget_unbind_driver+0x44/0x114\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1c8/0x224\n device_release_driver+0x18/0x24\n bus_remove_device+0xcc/0x10c\n device_del+0x14c/0x404\n usb_del_gadget+0x88/0xc0\n usb_del_gadget_udc+0x18/0x30\n usbhs_mod_gadget_remove+0x24/0x44 [renesas_usbhs]\n usbhs_mod_remove+0x20/0x30 [renesas_usbhs]\n usbhs_remove+0x98/0xdc [renesas_usbhs]\n platform_remove+0x20/0x30\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1c8/0x224\n device_driver_detach+0x18/0x24\n unbind_store+0xb4/0xb8\n drv_attr_store+0x24/0x38\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x128/0x1b8\n vfs_write+0x2ac/0x350\n ksys_write+0x68/0xfc\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xf0\n el0t_64_sync_handler+0xa0/0xe4\n el0t_64_sync+0x198/0x19c\n Code: 7100003f 1a9f07e1 531c6c22 f9400001 (79400021)\n ---[ end trace 0000000000000000 ]---\n note: sh[188] exited with irqs disabled\n note: sh[188] exited with preempt_count 1\n\nThe issue occurs because usbhs_sys_function_pullup(), which accesses the IP\nregisters, is executed after the USBHS clocks have been disabled. The\nproblem is reproducible on the Renesas RZ/G3S SoC starting with the\naddition of module stop in the clock enable/disable APIs. With module stop\nfunctionality enabled, a bus error is expected if a master accesses a\nmodule whose clock has been stopped and module stop activated.\n\nDisable the IP clocks at the end of remove.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68327",
"url": "https://www.suse.com/security/cve/CVE-2025-68327"
},
{
"category": "external",
"summary": "SUSE Bug 1255488 for CVE-2025-68327",
"url": "https://bugzilla.suse.com/1255488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68327"
},
{
"cve": "CVE-2025-68337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68337"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted\n\nThere\u0027s issue when file system corrupted:\n------------[ cut here ]------------\nkernel BUG at fs/jbd2/transaction.c:1289!\nOops: invalid opcode: 0000 [#1] SMP KASAN PTI\nCPU: 5 UID: 0 PID: 2031 Comm: mkdir Not tainted 6.18.0-rc1-next\nRIP: 0010:jbd2_journal_get_create_access+0x3b6/0x4d0\nRSP: 0018:ffff888117aafa30 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: ffff88811a86b000 RCX: ffffffff89a63534\nRDX: 1ffff110200ec602 RSI: 0000000000000004 RDI: ffff888100763010\nRBP: ffff888100763000 R08: 0000000000000001 R09: ffff888100763028\nR10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff88812c432000 R14: ffff88812c608000 R15: ffff888120bfc000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f91d6970c99 CR3: 00000001159c4000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __ext4_journal_get_create_access+0x42/0x170\n ext4_getblk+0x319/0x6f0\n ext4_bread+0x11/0x100\n ext4_append+0x1e6/0x4a0\n ext4_init_new_dir+0x145/0x1d0\n ext4_mkdir+0x326/0x920\n vfs_mkdir+0x45c/0x740\n do_mkdirat+0x234/0x2f0\n __x64_sys_mkdir+0xd6/0x120\n do_syscall_64+0x5f/0xfa0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe above issue occurs with us in errors=continue mode when accompanied by\nstorage failures. There have been many inconsistencies in the file system\ndata.\nIn the case of file system data inconsistency, for example, if the block\nbitmap of a referenced block is not set, it can lead to the situation where\na block being committed is allocated and used again. As a result, the\nfollowing condition will not be satisfied then trigger BUG_ON. Of course,\nit is entirely possible to construct a problematic image that can trigger\nthis BUG_ON through specific operations. In fact, I have constructed such\nan image and easily reproduced this issue.\nTherefore, J_ASSERT() holds true only under ideal conditions, but it may\nnot necessarily be satisfied in exceptional scenarios. Using J_ASSERT()\ndirectly in abnormal situations would cause the system to crash, which is\nclearly not what we want. So here we directly trigger a JBD abort instead\nof immediately invoking BUG_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68337",
"url": "https://www.suse.com/security/cve/CVE-2025-68337"
},
{
"category": "external",
"summary": "SUSE Bug 1255482 for CVE-2025-68337",
"url": "https://bugzilla.suse.com/1255482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68337"
},
{
"cve": "CVE-2025-68349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68349"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid\n\nFixes a crash when layout is null during this call stack:\n\nwrite_inode\n -\u003e nfs4_write_inode\n -\u003e pnfs_layoutcommit_inode\n\npnfs_set_layoutcommit relies on the lseg refcount to keep the layout\naround. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt\nto reference a null layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68349",
"url": "https://www.suse.com/security/cve/CVE-2025-68349"
},
{
"category": "external",
"summary": "SUSE Bug 1255544 for CVE-2025-68349",
"url": "https://bugzilla.suse.com/1255544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68349"
},
{
"cve": "CVE-2025-68363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68363"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check skb-\u003etransport_header is set in bpf_skb_check_mtu\n\nThe bpf_skb_check_mtu helper needs to use skb-\u003etransport_header when\nthe BPF_MTU_CHK_SEGS flag is used:\n\n\tbpf_skb_check_mtu(skb, ifindex, \u0026mtu_len, 0, BPF_MTU_CHK_SEGS)\n\nThe transport_header is not always set. There is a WARN_ON_ONCE\nreport when CONFIG_DEBUG_NET is enabled + skb-\u003egso_size is set +\nbpf_prog_test_run is used:\n\nWARNING: CPU: 1 PID: 2216 at ./include/linux/skbuff.h:3071\n skb_gso_validate_network_len\n bpf_skb_check_mtu\n bpf_prog_3920e25740a41171_tc_chk_segs_flag # A test in the next patch\n bpf_test_run\n bpf_prog_test_run_skb\n\nFor a normal ingress skb (not test_run), skb_reset_transport_header\nis performed but there is plan to avoid setting it as described in\ncommit 2170a1f09148 (\"net: no longer reset transport_header in __netif_receive_skb_core()\").\n\nThis patch fixes the bpf helper by checking\nskb_transport_header_was_set(). The check is done just before\nskb-\u003etransport_header is used, to avoid breaking the existing bpf prog.\nThe WARN_ON_ONCE is limited to bpf_prog_test_run, so targeting bpf-next.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68363",
"url": "https://www.suse.com/security/cve/CVE-2025-68363"
},
{
"category": "external",
"summary": "SUSE Bug 1255552 for CVE-2025-68363",
"url": "https://bugzilla.suse.com/1255552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68363"
},
{
"cve": "CVE-2025-68365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68365"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Initialize allocated memory before use\n\nKMSAN reports: Multiple uninitialized values detected:\n\n- KMSAN: uninit-value in ntfs_read_hdr (3)\n- KMSAN: uninit-value in bcmp (3)\n\nMemory is allocated by __getname(), which is a wrapper for\nkmem_cache_alloc(). This memory is used before being properly\ncleared. Change kmem_cache_alloc() to kmem_cache_zalloc() to\nproperly allocate and clear memory before use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68365",
"url": "https://www.suse.com/security/cve/CVE-2025-68365"
},
{
"category": "external",
"summary": "SUSE Bug 1255548 for CVE-2025-68365",
"url": "https://bugzilla.suse.com/1255548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68365"
},
{
"cve": "CVE-2025-68366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68366"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: defer config unlock in nbd_genl_connect\n\nThere is one use-after-free warning when running NBD_CMD_CONNECT and\nNBD_CLEAR_SOCK:\n\nnbd_genl_connect\n nbd_alloc_and_init_config // config_refs=1\n nbd_start_device // config_refs=2\n set NBD_RT_HAS_CONFIG_REF\t\t\topen nbd // config_refs=3\n recv_work done // config_refs=2\n\t\t\t\t\t\tNBD_CLEAR_SOCK // config_refs=1\n\t\t\t\t\t\tclose nbd // config_refs=0\n refcount_inc -\u003e uaf\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 24 PID: 1014 at lib/refcount.c:25 refcount_warn_saturate+0x12e/0x290\n nbd_genl_connect+0x16d0/0x1ab0\n genl_family_rcv_msg_doit+0x1f3/0x310\n genl_rcv_msg+0x44a/0x790\n\nThe issue can be easily reproduced by adding a small delay before\nrefcount_inc(\u0026nbd-\u003econfig_refs) in nbd_genl_connect():\n\n mutex_unlock(\u0026nbd-\u003econfig_lock);\n if (!ret) {\n set_bit(NBD_RT_HAS_CONFIG_REF, \u0026config-\u003eruntime_flags);\n+ printk(\"before sleep\\n\");\n+ mdelay(5 * 1000);\n+ printk(\"after sleep\\n\");\n refcount_inc(\u0026nbd-\u003econfig_refs);\n nbd_connect_reply(info, nbd-\u003eindex);\n }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68366",
"url": "https://www.suse.com/security/cve/CVE-2025-68366"
},
{
"category": "external",
"summary": "SUSE Bug 1255622 for CVE-2025-68366",
"url": "https://bugzilla.suse.com/1255622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68366"
},
{
"cve": "CVE-2025-68367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68367"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse\n\nThe following warning appears when running syzkaller, and this issue also\nexists in the mainline code.\n\n ------------[ cut here ]------------\n list_add double add: new=ffffffffa57eee28, prev=ffffffffa57eee28, next=ffffffffa5e63100.\n WARNING: CPU: 0 PID: 1491 at lib/list_debug.c:35 __list_add_valid_or_report+0xf7/0x130\n Modules linked in:\n CPU: 0 PID: 1491 Comm: syz.1.28 Not tainted 6.6.0+ #3\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__list_add_valid_or_report+0xf7/0x130\n RSP: 0018:ff1100010dfb7b78 EFLAGS: 00010282\n RAX: 0000000000000000 RBX: ffffffffa57eee18 RCX: ffffffff97fc9817\n RDX: 0000000000040000 RSI: ffa0000002383000 RDI: 0000000000000001\n RBP: ffffffffa57eee28 R08: 0000000000000001 R09: ffe21c0021bf6f2c\n R10: 0000000000000001 R11: 6464615f7473696c R12: ffffffffa5e63100\n R13: ffffffffa57eee28 R14: ffffffffa57eee28 R15: ff1100010dfb7d48\n FS: 00007fb14398b640(0000) GS:ff11000119600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000010d096005 CR4: 0000000000773ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 80000000\n Call Trace:\n \u003cTASK\u003e\n input_register_handler+0xb3/0x210\n mac_hid_start_emulation+0x1c5/0x290\n mac_hid_toggle_emumouse+0x20a/0x240\n proc_sys_call_handler+0x4c2/0x6e0\n new_sync_write+0x1b1/0x2d0\n vfs_write+0x709/0x950\n ksys_write+0x12a/0x250\n do_syscall_64+0x5a/0x110\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe WARNING occurs when two processes concurrently write to the mac-hid\nemulation sysctl, causing a race condition in mac_hid_toggle_emumouse().\nBoth processes read old_val=0, then both try to register the input handler,\nleading to a double list_add of the same handler.\n\n CPU0 CPU1\n ------------------------- -------------------------\n vfs_write() //write 1 vfs_write() //write 1\n proc_sys_write() proc_sys_write()\n mac_hid_toggle_emumouse() mac_hid_toggle_emumouse()\n old_val = *valp // old_val=0\n old_val = *valp // old_val=0\n mutex_lock_killable()\n proc_dointvec() // *valp=1\n mac_hid_start_emulation()\n input_register_handler()\n mutex_unlock()\n mutex_lock_killable()\n proc_dointvec()\n mac_hid_start_emulation()\n input_register_handler() //Trigger Warning\n mutex_unlock()\n\nFix this by moving the old_val read inside the mutex lock region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68367",
"url": "https://www.suse.com/security/cve/CVE-2025-68367"
},
{
"category": "external",
"summary": "SUSE Bug 1255547 for CVE-2025-68367",
"url": "https://bugzilla.suse.com/1255547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68367"
},
{
"cve": "CVE-2025-68372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68372"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: defer config put in recv_work\n\nThere is one uaf issue in recv_work when running NBD_CLEAR_SOCK and\nNBD_CMD_RECONFIGURE:\n nbd_genl_connect // conf_ref=2 (connect and recv_work A)\n nbd_open\t // conf_ref=3\n recv_work A done // conf_ref=2\n NBD_CLEAR_SOCK // conf_ref=1\n nbd_genl_reconfigure // conf_ref=2 (trigger recv_work B)\n close nbd\t // conf_ref=1\n recv_work B\n config_put // conf_ref=0\n atomic_dec(\u0026config-\u003erecv_threads); -\u003e UAF\n\nOr only running NBD_CLEAR_SOCK:\n nbd_genl_connect // conf_ref=2\n nbd_open \t // conf_ref=3\n NBD_CLEAR_SOCK // conf_ref=2\n close nbd\n nbd_release\n config_put // conf_ref=1\n recv_work\n config_put \t // conf_ref=0\n atomic_dec(\u0026config-\u003erecv_threads); -\u003e UAF\n\nCommit 87aac3a80af5 (\"nbd: call nbd_config_put() before notifying the\nwaiter\") moved nbd_config_put() to run before waking up the waiter in\nrecv_work, in order to ensure that nbd_start_device_ioctl() would not\nbe woken up while nbd-\u003etask_recv was still uncleared.\n\nHowever, in nbd_start_device_ioctl(), after being woken up it explicitly\ncalls flush_workqueue() to make sure all current works are finished.\nTherefore, there is no need to move the config put ahead of the wakeup.\n\nMove nbd_config_put() to the end of recv_work, so that the reference is\nheld for the whole lifetime of the worker thread. This makes sure the\nconfig cannot be freed while recv_work is still running, even if clear\n+ reconfigure interleave.\n\nIn addition, we don\u0027t need to worry about recv_work dropping the last\nnbd_put (which causes deadlock):\n\npath A (netlink with NBD_CFLAG_DESTROY_ON_DISCONNECT):\n connect // nbd_refs=1 (trigger recv_work)\n open nbd // nbd_refs=2\n NBD_CLEAR_SOCK\n close nbd\n nbd_release\n nbd_disconnect_and_put\n flush_workqueue // recv_work done\n nbd_config_put\n nbd_put // nbd_refs=1\n nbd_put // nbd_refs=0\n queue_work\n\npath B (netlink without NBD_CFLAG_DESTROY_ON_DISCONNECT):\n connect // nbd_refs=2 (trigger recv_work)\n open nbd // nbd_refs=3\n NBD_CLEAR_SOCK // conf_refs=2\n close nbd\n nbd_release\n nbd_config_put // conf_refs=1\n nbd_put // nbd_refs=2\n recv_work done // conf_refs=0, nbd_refs=1\n rmmod // nbd_refs=0\n\nDepends-on: e2daec488c57 (\"nbd: Fix hungtask when nbd_config_put\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68372",
"url": "https://www.suse.com/security/cve/CVE-2025-68372"
},
{
"category": "external",
"summary": "SUSE Bug 1255537 for CVE-2025-68372",
"url": "https://bugzilla.suse.com/1255537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68372"
},
{
"cve": "CVE-2025-68379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix null deref on srq-\u003erq.queue after resize failure\n\nA NULL pointer dereference can occur in rxe_srq_chk_attr() when\nibv_modify_srq() is invoked twice in succession under certain error\nconditions. The first call may fail in rxe_queue_resize(), which leads\nrxe_srq_from_attr() to set srq-\u003erq.queue = NULL. The second call then\ntriggers a crash (null deref) when accessing\nsrq-\u003erq.queue-\u003ebuf-\u003eindex_mask.\n\nCall Trace:\n\u003cTASK\u003e\nrxe_modify_srq+0x170/0x480 [rdma_rxe]\n? __pfx_rxe_modify_srq+0x10/0x10 [rdma_rxe]\n? uverbs_try_lock_object+0x4f/0xa0 [ib_uverbs]\n? rdma_lookup_get_uobject+0x1f0/0x380 [ib_uverbs]\nib_uverbs_modify_srq+0x204/0x290 [ib_uverbs]\n? __pfx_ib_uverbs_modify_srq+0x10/0x10 [ib_uverbs]\n? tryinc_node_nr_active+0xe6/0x150\n? uverbs_fill_udata+0xed/0x4f0 [ib_uverbs]\nib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x2c0/0x470 [ib_uverbs]\n? __pfx_ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x10/0x10 [ib_uverbs]\n? uverbs_fill_udata+0xed/0x4f0 [ib_uverbs]\nib_uverbs_run_method+0x55a/0x6e0 [ib_uverbs]\n? __pfx_ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x10/0x10 [ib_uverbs]\nib_uverbs_cmd_verbs+0x54d/0x800 [ib_uverbs]\n? __pfx_ib_uverbs_cmd_verbs+0x10/0x10 [ib_uverbs]\n? __pfx___raw_spin_lock_irqsave+0x10/0x10\n? __pfx_do_vfs_ioctl+0x10/0x10\n? ioctl_has_perm.constprop.0.isra.0+0x2c7/0x4c0\n? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10\nib_uverbs_ioctl+0x13e/0x220 [ib_uverbs]\n? __pfx_ib_uverbs_ioctl+0x10/0x10 [ib_uverbs]\n__x64_sys_ioctl+0x138/0x1c0\ndo_syscall_64+0x82/0x250\n? fdget_pos+0x58/0x4c0\n? ksys_write+0xf3/0x1c0\n? __pfx_ksys_write+0x10/0x10\n? do_syscall_64+0xc8/0x250\n? __pfx_vm_mmap_pgoff+0x10/0x10\n? fget+0x173/0x230\n? fput+0x2a/0x80\n? ksys_mmap_pgoff+0x224/0x4c0\n? do_syscall_64+0xc8/0x250\n? do_user_addr_fault+0x37b/0xfe0\n? clear_bhb_loop+0x50/0xa0\n? clear_bhb_loop+0x50/0xa0\n? clear_bhb_loop+0x50/0xa0\nentry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68379",
"url": "https://www.suse.com/security/cve/CVE-2025-68379"
},
{
"category": "external",
"summary": "SUSE Bug 1255695 for CVE-2025-68379",
"url": "https://bugzilla.suse.com/1255695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68379"
},
{
"cve": "CVE-2025-68725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Do not let BPF test infra emit invalid GSO types to stack\n\nYinhao et al. reported that their fuzzer tool was able to trigger a\nskb_warn_bad_offload() from netif_skb_features() -\u003e gso_features_check().\nWhen a BPF program - triggered via BPF test infra - pushes the packet\nto the loopback device via bpf_clone_redirect() then mentioned offload\nwarning can be seen. GSO-related features are then rightfully disabled.\n\nWe get into this situation due to convert___skb_to_skb() setting\ngso_segs and gso_size but not gso_type. Technically, it makes sense\nthat this warning triggers since the GSO properties are malformed due\nto the gso_type. Potentially, the gso_type could be marked non-trustworthy\nthrough setting it at least to SKB_GSO_DODGY without any other specific\nassumptions, but that also feels wrong given we should not go further\ninto the GSO engine in the first place.\n\nThe checks were added in 121d57af308d (\"gso: validate gso_type in GSO\nhandlers\") because there were malicious (syzbot) senders that combine\na protocol with a non-matching gso_type. If we would want to drop such\npackets, gso_features_check() currently only returns feature flags via\nnetif_skb_features(), so one location for potentially dropping such skbs\ncould be validate_xmit_unreadable_skb(), but then otoh it would be\nan additional check in the fast-path for a very corner case. Given\nbpf_clone_redirect() is the only place where BPF test infra could emit\nsuch packets, lets reject them right there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68725",
"url": "https://www.suse.com/security/cve/CVE-2025-68725"
},
{
"category": "external",
"summary": "SUSE Bug 1255569 for CVE-2025-68725",
"url": "https://bugzilla.suse.com/1255569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68725"
},
{
"cve": "CVE-2025-68727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: Fix uninit buffer allocated by __getname()\n\nFix uninit errors caused after buffer allocation given to \u0027de\u0027; by\ninitializing the buffer with zeroes. The fix was found by using KMSAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68727",
"url": "https://www.suse.com/security/cve/CVE-2025-68727"
},
{
"category": "external",
"summary": "SUSE Bug 1255568 for CVE-2025-68727",
"url": "https://bugzilla.suse.com/1255568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68727"
},
{
"cve": "CVE-2025-68728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: fix uninit memory after failed mi_read in mi_format_new\n\nFix a KMSAN un-init bug found by syzkaller.\n\nntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be\nuptodate. We do not bring the buffer uptodate before setting it as\nuptodate. If the buffer were to not be uptodate, it could mean adding a\nbuffer with un-init data to the mi record. Attempting to load that record\nwill trigger KMSAN.\n\nAvoid this by setting the buffer as uptodate, if it\u0027s not already, by\noverwriting it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68728",
"url": "https://www.suse.com/security/cve/CVE-2025-68728"
},
{
"category": "external",
"summary": "SUSE Bug 1255539 for CVE-2025-68728",
"url": "https://bugzilla.suse.com/1255539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68728"
},
{
"cve": "CVE-2025-68733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmack: fix bug: unprivileged task can create labels\n\nIf an unprivileged task is allowed to relabel itself\n(/smack/relabel-self is not empty),\nit can freely create new labels by writing their\nnames into own /proc/PID/attr/smack/current\n\nThis occurs because do_setattr() imports\nthe provided label in advance,\nbefore checking \"relabel-self\" list.\n\nThis change ensures that the \"relabel-self\" list\nis checked before importing the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68733",
"url": "https://www.suse.com/security/cve/CVE-2025-68733"
},
{
"category": "external",
"summary": "SUSE Bug 1255615 for CVE-2025-68733",
"url": "https://bugzilla.suse.com/1255615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68733"
},
{
"cve": "CVE-2025-68764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags\n\nWhen a filesystem is being automounted, it needs to preserve the\nuser-set superblock mount options, such as the \"ro\" flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68764",
"url": "https://www.suse.com/security/cve/CVE-2025-68764"
},
{
"category": "external",
"summary": "SUSE Bug 1255930 for CVE-2025-68764",
"url": "https://bugzilla.suse.com/1255930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68764"
},
{
"cve": "CVE-2025-68768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: frags: flush pending skbs in fqdir_pre_exit()\n\nWe have been seeing occasional deadlocks on pernet_ops_rwsem since\nSeptember in NIPA. The stuck task was usually modprobe (often loading\na driver like ipvlan), trying to take the lock as a Writer.\nlockdep does not track readers for rwsems so the read wasn\u0027t obvious\nfrom the reports.\n\nOn closer inspection the Reader holding the lock was conntrack looping\nforever in nf_conntrack_cleanup_net_list(). Based on past experience\nwith occasional NIPA crashes I looked thru the tests which run before\nthe crash and noticed that the crash follows ip_defrag.sh. An immediate\nred flag. Scouring thru (de)fragmentation queues reveals skbs sitting\naround, holding conntrack references.\n\nThe problem is that since conntrack depends on nf_defrag_ipv6,\nnf_defrag_ipv6 will load first. Since nf_defrag_ipv6 loads first its\nnetns exit hooks run _after_ conntrack\u0027s netns exit hook.\n\nFlush all fragment queue SKBs during fqdir_pre_exit() to release\nconntrack references before conntrack cleanup runs. Also flush\nthe queues in timer expiry handlers when they discover fqdir-\u003edead\nis set, in case packet sneaks in while we\u0027re running the pre_exit\nflush.\n\nThe commit under Fixes is not exactly the culprit, but I think\npreviously the timer firing would eventually unblock the spinning\nconntrack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68768",
"url": "https://www.suse.com/security/cve/CVE-2025-68768"
},
{
"category": "external",
"summary": "SUSE Bug 1256579 for CVE-2025-68768",
"url": "https://bugzilla.suse.com/1256579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68768"
},
{
"cve": "CVE-2025-68770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix XDP_TX path\n\nFor XDP_TX action in bnxt_rx_xdp(), clearing of the event flags is not\ncorrect. __bnxt_poll_work() -\u003e bnxt_rx_pkt() -\u003e bnxt_rx_xdp() may be\nlooping within NAPI and some event flags may be set in earlier\niterations. In particular, if BNXT_TX_EVENT is set earlier indicating\nsome XDP_TX packets are ready and pending, it will be cleared if it is\nXDP_TX action again. Normally, we will set BNXT_TX_EVENT again when we\nsuccessfully call __bnxt_xmit_xdp(). But if the TX ring has no more\nroom, the flag will not be set. This will cause the TX producer to be\nahead but the driver will not hit the TX doorbell.\n\nFor multi-buf XDP_TX, there is no need to clear the event flags and set\nBNXT_AGG_EVENT. The BNXT_AGG_EVENT flag should have been set earlier in\nbnxt_rx_pkt().\n\nThe visible symptom of this is that the RX ring associated with the\nTX XDP ring will eventually become empty and all packets will be dropped.\nBecause this condition will cause the driver to not refill the RX ring\nseeing that the TX ring has forever pending XDP_TX packets.\n\nThe fix is to only clear BNXT_RX_EVENT when we have successfully\ncalled __bnxt_xmit_xdp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68770",
"url": "https://www.suse.com/security/cve/CVE-2025-68770"
},
{
"category": "external",
"summary": "SUSE Bug 1256584 for CVE-2025-68770",
"url": "https://bugzilla.suse.com/1256584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68770"
},
{
"cve": "CVE-2025-68771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix kernel BUG in ocfs2_find_victim_chain\n\nsyzbot reported a kernel BUG in ocfs2_find_victim_chain() because the\n`cl_next_free_rec` field of the allocation chain list (next free slot in\nthe chain list) is 0, triggring the BUG_ON(!cl-\u003ecl_next_free_rec)\ncondition in ocfs2_find_victim_chain() and panicking the kernel.\n\nTo fix this, an if condition is introduced in ocfs2_claim_suballoc_bits(),\njust before calling ocfs2_find_victim_chain(), the code block in it being\nexecuted when either of the following conditions is true:\n\n1. `cl_next_free_rec` is equal to 0, indicating that there are no free\nchains in the allocation chain list\n2. `cl_next_free_rec` is greater than `cl_count` (the total number of\nchains in the allocation chain list)\n\nEither of them being true is indicative of the fact that there are no\nchains left for usage.\n\nThis is addressed using ocfs2_error(), which prints\nthe error log for debugging purposes, rather than panicking the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68771",
"url": "https://www.suse.com/security/cve/CVE-2025-68771"
},
{
"category": "external",
"summary": "SUSE Bug 1256582 for CVE-2025-68771",
"url": "https://bugzilla.suse.com/1256582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68771"
},
{
"cve": "CVE-2025-68773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-cpm: Check length parity before switching to 16 bit mode\n\nCommit fc96ec826bce (\"spi: fsl-cpm: Use 16 bit mode for large transfers\nwith even size\") failed to make sure that the size is really even\nbefore switching to 16 bit mode. Until recently the problem went\nunnoticed because kernfs uses a pre-allocated bounce buffer of size\nPAGE_SIZE for reading EEPROM.\n\nBut commit 8ad6249c51d0 (\"eeprom: at25: convert to spi-mem API\")\nintroduced an additional dynamically allocated bounce buffer whose size\nis exactly the size of the transfer, leading to a buffer overrun in\nthe fsl-cpm driver when that size is odd.\n\nAdd the missing length parity verification and remain in 8 bit mode\nwhen the length is not even.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68773",
"url": "https://www.suse.com/security/cve/CVE-2025-68773"
},
{
"category": "external",
"summary": "SUSE Bug 1256586 for CVE-2025-68773",
"url": "https://bugzilla.suse.com/1256586"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68773"
},
{
"cve": "CVE-2025-68775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: duplicate handshake cancellations leak socket\n\nWhen a handshake request is cancelled it is removed from the\nhandshake_net-\u003ehn_requests list, but it is still present in the\nhandshake_rhashtbl until it is destroyed.\n\nIf a second cancellation request arrives for the same handshake request,\nthen remove_pending() will return false... and assuming\nHANDSHAKE_F_REQ_COMPLETED isn\u0027t set in req-\u003ehr_flags, we\u0027ll continue\nprocessing through the out_true label, where we put another reference on\nthe sock and a refcount underflow occurs.\n\nThis can happen for example if a handshake times out - particularly if\nthe SUNRPC client sends the AUTH_TLS probe to the server but doesn\u0027t\nfollow it up with the ClientHello due to a problem with tlshd. When the\ntimeout is hit on the server, the server will send a FIN, which triggers\na cancellation request via xs_reset_transport(). When the timeout is\nhit on the client, another cancellation request happens via\nxs_tls_handshake_sync().\n\nAdd a test_and_set_bit(HANDSHAKE_F_REQ_COMPLETED) in the pending cancel\npath so duplicate cancels can be detected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68775",
"url": "https://www.suse.com/security/cve/CVE-2025-68775"
},
{
"category": "external",
"summary": "SUSE Bug 1256665 for CVE-2025-68775",
"url": "https://bugzilla.suse.com/1256665"
},
{
"category": "external",
"summary": "SUSE Bug 1256666 for CVE-2025-68775",
"url": "https://bugzilla.suse.com/1256666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-68775"
},
{
"cve": "CVE-2025-68776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/hsr: fix NULL pointer dereference in prp_get_untagged_frame()\n\nprp_get_untagged_frame() calls __pskb_copy() to create frame-\u003eskb_std\nbut doesn\u0027t check if the allocation failed. If __pskb_copy() returns\nNULL, skb_clone() is called with a NULL pointer, causing a crash:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 0 UID: 0 PID: 5625 Comm: syz.1.18 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:skb_clone+0xd7/0x3a0 net/core/skbuff.c:2041\nCode: 03 42 80 3c 20 00 74 08 4c 89 f7 e8 23 29 05 f9 49 83 3e 00 0f 85 a0 01 00 00 e8 94 dd 9d f8 48 8d 6b 7e 49 89 ee 49 c1 ee 03 \u003c43\u003e 0f b6 04 26 84 c0 0f 85 d1 01 00 00 44 0f b6 7d 00 41 83 e7 0c\nRSP: 0018:ffffc9000d00f200 EFLAGS: 00010207\nRAX: ffffffff892235a1 RBX: 0000000000000000 RCX: ffff88803372a480\nRDX: 0000000000000000 RSI: 0000000000000820 RDI: 0000000000000000\nRBP: 000000000000007e R08: ffffffff8f7d0f77 R09: 1ffffffff1efa1ee\nR10: dffffc0000000000 R11: fffffbfff1efa1ef R12: dffffc0000000000\nR13: 0000000000000820 R14: 000000000000000f R15: ffff88805144cc00\nFS: 0000555557f6d500(0000) GS:ffff88808d72f000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000555581d35808 CR3: 000000005040e000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n hsr_forward_do net/hsr/hsr_forward.c:-1 [inline]\n hsr_forward_skb+0x1013/0x2860 net/hsr/hsr_forward.c:741\n hsr_handle_frame+0x6ce/0xa70 net/hsr/hsr_slave.c:84\n __netif_receive_skb_core+0x10b9/0x4380 net/core/dev.c:5966\n __netif_receive_skb_one_core net/core/dev.c:6077 [inline]\n __netif_receive_skb+0x72/0x380 net/core/dev.c:6192\n netif_receive_skb_internal net/core/dev.c:6278 [inline]\n netif_receive_skb+0x1cb/0x790 net/core/dev.c:6337\n tun_rx_batched+0x1b9/0x730 drivers/net/tun.c:1485\n tun_get_user+0x2b65/0x3e90 drivers/net/tun.c:1953\n tun_chr_write_iter+0x113/0x200 drivers/net/tun.c:1999\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x5c9/0xb30 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f0449f8e1ff\nCode: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48\nRSP: 002b:00007ffd7ad94c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007f044a1e5fa0 RCX: 00007f0449f8e1ff\nRDX: 000000000000003e RSI: 0000200000000500 RDI: 00000000000000c8\nRBP: 00007ffd7ad94d20 R08: 0000000000000000 R09: 0000000000000000\nR10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001\nR13: 00007f044a1e5fa0 R14: 00007f044a1e5fa0 R15: 0000000000000003\n \u003c/TASK\u003e\n\nAdd a NULL check immediately after __pskb_copy() to handle allocation\nfailures gracefully.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68776",
"url": "https://www.suse.com/security/cve/CVE-2025-68776"
},
{
"category": "external",
"summary": "SUSE Bug 1256659 for CVE-2025-68776",
"url": "https://bugzilla.suse.com/1256659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68776"
},
{
"cve": "CVE-2025-68777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: ti_am335x_tsc - fix off-by-one error in wire_order validation\n\nThe current validation \u0027wire_order[i] \u003e ARRAY_SIZE(config_pins)\u0027 allows\nwire_order[i] to equal ARRAY_SIZE(config_pins), which causes out-of-bounds\naccess when used as index in \u0027config_pins[wire_order[i]]\u0027.\n\nSince config_pins has 4 elements (indices 0-3), the valid range for\nwire_order should be 0-3. Fix the off-by-one error by using \u003e= instead\nof \u003e in the validation check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68777",
"url": "https://www.suse.com/security/cve/CVE-2025-68777"
},
{
"category": "external",
"summary": "SUSE Bug 1256655 for CVE-2025-68777",
"url": "https://bugzilla.suse.com/1256655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68777"
},
{
"cve": "CVE-2025-68783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-mixer: us16x08: validate meter packet indices\n\nget_meter_levels_from_urb() parses the 64-byte meter packets sent by\nthe device and fills the per-channel arrays meter_level[],\ncomp_level[] and master_level[] in struct snd_us16x08_meter_store.\n\nCurrently the function derives the channel index directly from the\nmeter packet (MUB2(meter_urb, s) - 1) and uses it to index those\narrays without validating the range. If the packet contains a\nnegative or out-of-range channel number, the driver may write past\nthe end of these arrays.\n\nIntroduce a local channel variable and validate it before updating the\narrays. We reject negative indices, limit meter_level[] and\ncomp_level[] to SND_US16X08_MAX_CHANNELS, and guard master_level[]\nupdates with ARRAY_SIZE(master_level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68783",
"url": "https://www.suse.com/security/cve/CVE-2025-68783"
},
{
"category": "external",
"summary": "SUSE Bug 1256650 for CVE-2025-68783",
"url": "https://bugzilla.suse.com/1256650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68783"
},
{
"cve": "CVE-2025-68788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: do not generate ACCESS/MODIFY events on child for special files\n\ninotify/fanotify do not allow users with no read access to a file to\nsubscribe to events (e.g. IN_ACCESS/IN_MODIFY), but they do allow the\nsame user to subscribe for watching events on children when the user\nhas access to the parent directory (e.g. /dev).\n\nUsers with no read access to a file but with read access to its parent\ndirectory can still stat the file and see if it was accessed/modified\nvia atime/mtime change.\n\nThe same is not true for special files (e.g. /dev/null). Users will not\ngenerally observe atime/mtime changes when other users read/write to\nspecial files, only when someone sets atime/mtime via utimensat().\n\nAlign fsnotify events with this stat behavior and do not generate\nACCESS/MODIFY events to parent watchers on read/write of special files.\nThe events are still generated to parent watchers on utimensat(). This\ncloses some side-channels that could be possibly used for information\nexfiltration [1].\n\n[1] https://snee.la/pdf/pubs/file-notification-attacks.pdf",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68788",
"url": "https://www.suse.com/security/cve/CVE-2025-68788"
},
{
"category": "external",
"summary": "SUSE Bug 1256638 for CVE-2025-68788",
"url": "https://bugzilla.suse.com/1256638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68788"
},
{
"cve": "CVE-2025-68789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68789"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68789",
"url": "https://www.suse.com/security/cve/CVE-2025-68789"
},
{
"category": "external",
"summary": "SUSE Bug 1256781 for CVE-2025-68789",
"url": "https://bugzilla.suse.com/1256781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68789"
},
{
"cve": "CVE-2025-68795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: Avoid overflowing userspace buffer on stats query\n\nThe ethtool -S command operates across three ioctl calls:\nETHTOOL_GSSET_INFO for the size, ETHTOOL_GSTRINGS for the names, and\nETHTOOL_GSTATS for the values.\n\nIf the number of stats changes between these calls (e.g., due to device\nreconfiguration), userspace\u0027s buffer allocation will be incorrect,\npotentially leading to buffer overflow.\n\nDrivers are generally expected to maintain stable stat counts, but some\ndrivers (e.g., mlx5, bnx2x, bna, ksz884x) use dynamic counters, making\nthis scenario possible.\n\nSome drivers try to handle this internally:\n- bnad_get_ethtool_stats() returns early in case stats.n_stats is not\n equal to the driver\u0027s stats count.\n- micrel/ksz884x also makes sure not to write anything beyond\n stats.n_stats and overflow the buffer.\n\nHowever, both use stats.n_stats which is already assigned with the value\nreturned from get_sset_count(), hence won\u0027t solve the issue described\nhere.\n\nChange ethtool_get_strings(), ethtool_get_stats(),\nethtool_get_phy_stats() to not return anything in case of a mismatch\nbetween userspace\u0027s size and get_sset_size(), to prevent buffer\noverflow.\nThe returned n_stats value will be equal to zero, to reflect that\nnothing has been returned.\n\nThis could result in one of two cases when using upstream ethtool,\ndepending on when the size change is detected:\n1. When detected in ethtool_get_strings():\n # ethtool -S eth2\n no stats available\n\n2. When detected in get stats, all stats will be reported as zero.\n\nBoth cases are presumably transient, and a subsequent ethtool call\nshould succeed.\n\nOther than the overflow avoidance, these two cases are very evident (no\noutput/cleared stats), which is arguably better than presenting\nincorrect/shifted stats.\nI also considered returning an error instead of a \"silent\" response, but\nthat seems more destructive towards userspace apps.\n\nNotes:\n- This patch does not claim to fix the inherent race, it only makes sure\n that we do not overflow the userspace buffer, and makes for a more\n predictable behavior.\n\n- RTNL lock is held during each ioctl, the race window exists between\n the separate ioctl calls when the lock is released.\n\n- Userspace ethtool always fills stats.n_stats, but it is likely that\n these stats ioctls are implemented in other userspace applications\n which might not fill it. The added code checks that it\u0027s not zero,\n to prevent any regressions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68795",
"url": "https://www.suse.com/security/cve/CVE-2025-68795"
},
{
"category": "external",
"summary": "SUSE Bug 1256688 for CVE-2025-68795",
"url": "https://bugzilla.suse.com/1256688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68795"
},
{
"cve": "CVE-2025-68797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nchar: applicom: fix NULL pointer dereference in ac_ioctl\n\nDiscovered by Atuin - Automated Vulnerability Discovery Engine.\n\nIn ac_ioctl, the validation of IndexCard and the check for a valid\nRamIO pointer are skipped when cmd is 6. However, the function\nunconditionally executes readb(apbs[IndexCard].RamIO + VERS) at the\nend.\n\nIf cmd is 6, IndexCard may reference a board that does not exist\n(where RamIO is NULL), leading to a NULL pointer dereference.\n\nFix this by skipping the readb access when cmd is 6, as this\ncommand is a global information query and does not target a specific\nboard context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68797",
"url": "https://www.suse.com/security/cve/CVE-2025-68797"
},
{
"category": "external",
"summary": "SUSE Bug 1256660 for CVE-2025-68797",
"url": "https://bugzilla.suse.com/1256660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68797"
},
{
"cve": "CVE-2025-68798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd: Check event before enable to avoid GPF\n\nOn AMD machines cpuc-\u003eevents[idx] can become NULL in a subtle race\ncondition with NMI-\u003ethrottle-\u003ex86_pmu_stop().\n\nCheck event for NULL in amd_pmu_enable_all() before enable to avoid a GPF.\nThis appears to be an AMD only issue.\n\nSyzkaller reported a GPF in amd_pmu_enable_all.\n\nINFO: NMI handler (perf_event_nmi_handler) took too long to run: 13.143\n msecs\nOops: general protection fault, probably for non-canonical address\n 0xdffffc0000000034: 0000 PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x00000000000001a0-0x00000000000001a7]\nCPU: 0 UID: 0 PID: 328415 Comm: repro_36674776 Not tainted 6.12.0-rc1-syzk\nRIP: 0010:x86_pmu_enable_event (arch/x86/events/perf_event.h:1195\n arch/x86/events/core.c:1430)\nRSP: 0018:ffff888118009d60 EFLAGS: 00010012\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000034 RSI: 0000000000000000 RDI: 00000000000001a0\nRBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002\nR13: ffff88811802a440 R14: ffff88811802a240 R15: ffff8881132d8601\nFS: 00007f097dfaa700(0000) GS:ffff888118000000(0000) GS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200001c0 CR3: 0000000103d56000 CR4: 00000000000006f0\nCall Trace:\n \u003cIRQ\u003e\namd_pmu_enable_all (arch/x86/events/amd/core.c:760 (discriminator 2))\nx86_pmu_enable (arch/x86/events/core.c:1360)\nevent_sched_out (kernel/events/core.c:1191 kernel/events/core.c:1186\n kernel/events/core.c:2346)\n__perf_remove_from_context (kernel/events/core.c:2435)\nevent_function (kernel/events/core.c:259)\nremote_function (kernel/events/core.c:92 (discriminator 1)\n kernel/events/core.c:72 (discriminator 1))\n__flush_smp_call_function_queue (./arch/x86/include/asm/jump_label.h:27\n ./include/linux/jump_label.h:207 ./include/trace/events/csd.h:64\n kernel/smp.c:135 kernel/smp.c:540)\n__sysvec_call_function_single (./arch/x86/include/asm/jump_label.h:27\n ./include/linux/jump_label.h:207\n ./arch/x86/include/asm/trace/irq_vectors.h:99 arch/x86/kernel/smp.c:272)\nsysvec_call_function_single (arch/x86/kernel/smp.c:266 (discriminator 47)\n arch/x86/kernel/smp.c:266 (discriminator 47))\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68798",
"url": "https://www.suse.com/security/cve/CVE-2025-68798"
},
{
"category": "external",
"summary": "SUSE Bug 1256689 for CVE-2025-68798",
"url": "https://bugzilla.suse.com/1256689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68798"
},
{
"cve": "CVE-2025-68800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats\n\nCited commit added a dedicated mutex (instead of RTNL) to protect the\nmulticast route list, so that it will not change while the driver\nperiodically traverses it in order to update the kernel about multicast\nroute stats that were queried from the device.\n\nOne instance of list entry deletion (during route replace) was missed\nand it can result in a use-after-free [1].\n\nFix by acquiring the mutex before deleting the entry from the list and\nreleasing it afterwards.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum]\nRead of size 8 at addr ffff8881523c2fa8 by task kworker/2:5/22043\n\nCPU: 2 UID: 0 PID: 22043 Comm: kworker/2:5 Not tainted 6.18.0-rc1-custom-g1a3d6d7cd014 #1 PREEMPT(full)\nHardware name: Mellanox Technologies Ltd. MSN2010/SA002610, BIOS 5.6.5 08/24/2017\nWorkqueue: mlxsw_core mlxsw_sp_mr_stats_update [mlxsw_spectrum]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xba/0x110\n print_report+0x174/0x4f5\n kasan_report+0xdf/0x110\n mlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum]\n process_one_work+0x9cc/0x18e0\n worker_thread+0x5df/0xe40\n kthread+0x3b8/0x730\n ret_from_fork+0x3e9/0x560\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 29933:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n mlxsw_sp_mr_route_add+0xd8/0x4770 [mlxsw_spectrum]\n mlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]\n process_one_work+0x9cc/0x18e0\n worker_thread+0x5df/0xe40\n kthread+0x3b8/0x730\n ret_from_fork+0x3e9/0x560\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 29933:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_save_free_info+0x3b/0x70\n __kasan_slab_free+0x43/0x70\n kfree+0x14e/0x700\n mlxsw_sp_mr_route_add+0x2dea/0x4770 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:444 [mlxsw_spectrum]\n mlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]\n process_one_work+0x9cc/0x18e0\n worker_thread+0x5df/0xe40\n kthread+0x3b8/0x730\n ret_from_fork+0x3e9/0x560\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68800",
"url": "https://www.suse.com/security/cve/CVE-2025-68800"
},
{
"category": "external",
"summary": "SUSE Bug 1256646 for CVE-2025-68800",
"url": "https://bugzilla.suse.com/1256646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68800"
},
{
"cve": "CVE-2025-68801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_router: Fix neighbour use-after-free\n\nWe sometimes observe use-after-free when dereferencing a neighbour [1].\nThe problem seems to be that the driver stores a pointer to the\nneighbour, but without holding a reference on it. A reference is only\ntaken when the neighbour is used by a nexthop.\n\nFix by simplifying the reference counting scheme. Always take a\nreference when storing a neighbour pointer in a neighbour entry. Avoid\ntaking a referencing when the neighbour is used by a nexthop as the\nneighbour entry associated with the nexthop already holds a reference.\n\nTested by running the test that uncovered the problem over 300 times.\nWithout this patch the problem was reproduced after a handful of\niterations.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_neigh_entry_update+0x2d4/0x310\nRead of size 8 at addr ffff88817f8e3420 by task ip/3929\n\nCPU: 3 UID: 0 PID: 3929 Comm: ip Not tainted 6.18.0-rc4-virtme-g36b21a067510 #3 PREEMPT(full)\nHardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6f/0xa0\n print_address_description.constprop.0+0x6e/0x300\n print_report+0xfc/0x1fb\n kasan_report+0xe4/0x110\n mlxsw_sp_neigh_entry_update+0x2d4/0x310\n mlxsw_sp_router_rif_gone_sync+0x35f/0x510\n mlxsw_sp_rif_destroy+0x1ea/0x730\n mlxsw_sp_inetaddr_port_vlan_event+0xa1/0x1b0\n __mlxsw_sp_inetaddr_lag_event+0xcc/0x130\n __mlxsw_sp_inetaddr_event+0xf5/0x3c0\n mlxsw_sp_router_netdevice_event+0x1015/0x1580\n notifier_call_chain+0xcc/0x150\n call_netdevice_notifiers_info+0x7e/0x100\n __netdev_upper_dev_unlink+0x10b/0x210\n netdev_upper_dev_unlink+0x79/0xa0\n vrf_del_slave+0x18/0x50\n do_set_master+0x146/0x7d0\n do_setlink.isra.0+0x9a0/0x2880\n rtnl_newlink+0x637/0xb20\n rtnetlink_rcv_msg+0x6fe/0xb90\n netlink_rcv_skb+0x123/0x380\n netlink_unicast+0x4a3/0x770\n netlink_sendmsg+0x75b/0xc90\n __sock_sendmsg+0xbe/0x160\n ____sys_sendmsg+0x5b2/0x7d0\n ___sys_sendmsg+0xfd/0x180\n __sys_sendmsg+0x124/0x1c0\n do_syscall_64+0xbb/0xfd0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n[...]\n\nAllocated by task 109:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7b/0x90\n __kmalloc_noprof+0x2c1/0x790\n neigh_alloc+0x6af/0x8f0\n ___neigh_create+0x63/0xe90\n mlxsw_sp_nexthop_neigh_init+0x430/0x7e0\n mlxsw_sp_nexthop_type_init+0x212/0x960\n mlxsw_sp_nexthop6_group_info_init.constprop.0+0x81f/0x1280\n mlxsw_sp_nexthop6_group_get+0x392/0x6a0\n mlxsw_sp_fib6_entry_create+0x46a/0xfd0\n mlxsw_sp_router_fib6_replace+0x1ed/0x5f0\n mlxsw_sp_router_fib6_event_work+0x10a/0x2a0\n process_one_work+0xd57/0x1390\n worker_thread+0x4d6/0xd40\n kthread+0x355/0x5b0\n ret_from_fork+0x1d4/0x270\n ret_from_fork_asm+0x11/0x20\n\nFreed by task 154:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x43/0x70\n kmem_cache_free_bulk.part.0+0x1eb/0x5e0\n kvfree_rcu_bulk+0x1f2/0x260\n kfree_rcu_work+0x130/0x1b0\n process_one_work+0xd57/0x1390\n worker_thread+0x4d6/0xd40\n kthread+0x355/0x5b0\n ret_from_fork+0x1d4/0x270\n ret_from_fork_asm+0x11/0x20\n\nLast potentially related work creation:\n kasan_save_stack+0x30/0x50\n kasan_record_aux_stack+0x8c/0xa0\n kvfree_call_rcu+0x93/0x5b0\n mlxsw_sp_router_neigh_event_work+0x67d/0x860\n process_one_work+0xd57/0x1390\n worker_thread+0x4d6/0xd40\n kthread+0x355/0x5b0\n ret_from_fork+0x1d4/0x270\n ret_from_fork_asm+0x11/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68801",
"url": "https://www.suse.com/security/cve/CVE-2025-68801"
},
{
"category": "external",
"summary": "SUSE Bug 1256653 for CVE-2025-68801",
"url": "https://bugzilla.suse.com/1256653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68801"
},
{
"cve": "CVE-2025-68802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Limit num_syncs to prevent oversized allocations\n\nThe exec and vm_bind ioctl allow userspace to specify an arbitrary\nnum_syncs value. Without bounds checking, a very large num_syncs\ncan force an excessively large allocation, leading to kernel warnings\nfrom the page allocator as below.\n\nIntroduce DRM_XE_MAX_SYNCS (set to 1024) and reject any request\nexceeding this limit.\n\n\"\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 1217 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2f8/0x2180 mm/page_alloc.c:5124\n...\nCall Trace:\n \u003cTASK\u003e\n alloc_pages_mpol+0xe4/0x330 mm/mempolicy.c:2416\n ___kmalloc_large_node+0xd8/0x110 mm/slub.c:4317\n __kmalloc_large_node_noprof+0x18/0xe0 mm/slub.c:4348\n __do_kmalloc_node mm/slub.c:4364 [inline]\n __kmalloc_noprof+0x3d4/0x4b0 mm/slub.c:4388\n kmalloc_noprof include/linux/slab.h:909 [inline]\n kmalloc_array_noprof include/linux/slab.h:948 [inline]\n xe_exec_ioctl+0xa47/0x1e70 drivers/gpu/drm/xe/xe_exec.c:158\n drm_ioctl_kernel+0x1f1/0x3e0 drivers/gpu/drm/drm_ioctl.c:797\n drm_ioctl+0x5e7/0xc50 drivers/gpu/drm/drm_ioctl.c:894\n xe_drm_ioctl+0x10b/0x170 drivers/gpu/drm/xe/xe_device.c:224\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:598 [inline]\n __se_sys_ioctl fs/ioctl.c:584 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:584\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xbb/0x380 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n\"\n\nv2: Add \"Reported-by\" and Cc stable kernels.\nv3: Change XE_MAX_SYNCS from 64 to 1024. (Matt \u0026 Ashutosh)\nv4: s/XE_MAX_SYNCS/DRM_XE_MAX_SYNCS/ (Matt)\nv5: Do the check at the top of the exec func. (Matt)\n\n(cherry picked from commit b07bac9bd708ec468cd1b8a5fe70ae2ac9b0a11c)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68802",
"url": "https://www.suse.com/security/cve/CVE-2025-68802"
},
{
"category": "external",
"summary": "SUSE Bug 1256661 for CVE-2025-68802",
"url": "https://bugzilla.suse.com/1256661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "low"
}
],
"title": "CVE-2025-68802"
},
{
"cve": "CVE-2025-68803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: NFSv4 file creation neglects setting ACL\n\nAn NFSv4 client that sets an ACL with a named principal during file\ncreation retrieves the ACL afterwards, and finds that it is only a\ndefault ACL (based on the mode bits) and not the ACL that was\nrequested during file creation. This violates RFC 8881 section\n6.4.1.3: \"the ACL attribute is set as given\".\n\nThe issue occurs in nfsd_create_setattr(), which calls\nnfsd_attrs_valid() to determine whether to call nfsd_setattr().\nHowever, nfsd_attrs_valid() checks only for iattr changes and\nsecurity labels, but not POSIX ACLs. When only an ACL is present,\nthe function returns false, nfsd_setattr() is skipped, and the\nPOSIX ACL is never applied to the inode.\n\nSubsequently, when the client retrieves the ACL, the server finds\nno POSIX ACL on the inode and returns one generated from the file\u0027s\nmode bits rather than returning the originally-specified ACL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68803",
"url": "https://www.suse.com/security/cve/CVE-2025-68803"
},
{
"category": "external",
"summary": "SUSE Bug 1256770 for CVE-2025-68803",
"url": "https://bugzilla.suse.com/1256770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68803"
},
{
"cve": "CVE-2025-68804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver\n\nAfter unbinding the driver, another kthread `cros_ec_console_log_work`\nis still accessing the device, resulting an UAF and crash.\n\nThe driver doesn\u0027t unregister the EC device in .remove() which should\nshutdown sub-devices synchronously. Fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68804",
"url": "https://www.suse.com/security/cve/CVE-2025-68804"
},
{
"category": "external",
"summary": "SUSE Bug 1256617 for CVE-2025-68804",
"url": "https://bugzilla.suse.com/1256617"
},
{
"category": "external",
"summary": "SUSE Bug 1256618 for CVE-2025-68804",
"url": "https://bugzilla.suse.com/1256618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-68804"
},
{
"cve": "CVE-2025-68808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: initialize local pointers upon transfer of memory ownership\n\nvidtv_channel_si_init() creates a temporary list (program, service, event)\nand ownership of the memory itself is transferred to the PAT/SDT/EIT\ntables through vidtv_psi_pat_program_assign(),\nvidtv_psi_sdt_service_assign(), vidtv_psi_eit_event_assign().\n\nThe problem here is that the local pointer where the memory ownership\ntransfer was completed is not initialized to NULL. This causes the\nvidtv_psi_pmt_create_sec_for_each_pat_entry() function to fail, and\nin the flow that jumps to free_eit, the memory that was freed by\nvidtv_psi_*_table_destroy() can be accessed again by\nvidtv_psi_*_event_destroy() due to the uninitialized local pointer, so it\nis freed once again.\n\nTherefore, to prevent use-after-free and double-free vulnerability,\nlocal pointers must be initialized to NULL when transferring memory\nownership.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68808",
"url": "https://www.suse.com/security/cve/CVE-2025-68808"
},
{
"category": "external",
"summary": "SUSE Bug 1256682 for CVE-2025-68808",
"url": "https://bugzilla.suse.com/1256682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68808"
},
{
"cve": "CVE-2025-68813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix ipv4 null-ptr-deref in route error path\n\nThe IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure()\nwithout ensuring skb-\u003edev is set, leading to a NULL pointer dereference\nin fib_compute_spec_dst() when ipv4_link_failure() attempts to send\nICMP destination unreachable messages.\n\nThe issue emerged after commit ed0de45a1008 (\"ipv4: recompile ip options\nin ipv4_link_failure\") started calling __ip_options_compile() from\nipv4_link_failure(). This code path eventually calls fib_compute_spec_dst()\nwhich dereferences skb-\u003edev. An attempt was made to fix the NULL skb-\u003edev\ndereference in commit 0113d9c9d1cc (\"ipv4: fix null-deref in\nipv4_link_failure\"), but it only addressed the immediate dev_net(skb-\u003edev)\ndereference by using a fallback device. The fix was incomplete because\nfib_compute_spec_dst() later in the call chain still accesses skb-\u003edev\ndirectly, which remains NULL when IPVS calls dst_link_failure().\n\nThe crash occurs when:\n1. IPVS processes a packet in NAT mode with a misconfigured destination\n2. Route lookup fails in __ip_vs_get_out_rt() before establishing a route\n3. The error path calls dst_link_failure(skb) with skb-\u003edev == NULL\n4. ipv4_link_failure() -\u003e ipv4_send_dest_unreach() -\u003e\n __ip_options_compile() -\u003e fib_compute_spec_dst()\n5. fib_compute_spec_dst() dereferences NULL skb-\u003edev\n\nApply the same fix used for IPv6 in commit 326bf17ea5d4 (\"ipvs: fix\nipv6 route unreach panic\"): set skb-\u003edev from skb_dst(skb)-\u003edev before\ncalling dst_link_failure().\n\nKASAN: null-ptr-deref in range [0x0000000000000328-0x000000000000032f]\nCPU: 1 PID: 12732 Comm: syz.1.3469 Not tainted 6.6.114 #2\nRIP: 0010:__in_dev_get_rcu include/linux/inetdevice.h:233\nRIP: 0010:fib_compute_spec_dst+0x17a/0x9f0 net/ipv4/fib_frontend.c:285\nCall Trace:\n \u003cTASK\u003e\n spec_dst_fill net/ipv4/ip_options.c:232\n spec_dst_fill net/ipv4/ip_options.c:229\n __ip_options_compile+0x13a1/0x17d0 net/ipv4/ip_options.c:330\n ipv4_send_dest_unreach net/ipv4/route.c:1252\n ipv4_link_failure+0x702/0xb80 net/ipv4/route.c:1265\n dst_link_failure include/net/dst.h:437\n __ip_vs_get_out_rt+0x15fd/0x19e0 net/netfilter/ipvs/ip_vs_xmit.c:412\n ip_vs_nat_xmit+0x1d8/0xc80 net/netfilter/ipvs/ip_vs_xmit.c:764",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68813",
"url": "https://www.suse.com/security/cve/CVE-2025-68813"
},
{
"category": "external",
"summary": "SUSE Bug 1256641 for CVE-2025-68813",
"url": "https://bugzilla.suse.com/1256641"
},
{
"category": "external",
"summary": "SUSE Bug 1256644 for CVE-2025-68813",
"url": "https://bugzilla.suse.com/1256644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-68813"
},
{
"cve": "CVE-2025-68814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix filename leak in __io_openat_prep()\n\n __io_openat_prep() allocates a struct filename using getname(). However,\nfor the condition of the file being installed in the fixed file table as\nwell as having O_CLOEXEC flag set, the function returns early. At that\npoint, the request doesn\u0027t have REQ_F_NEED_CLEANUP flag set. Due to this,\nthe memory for the newly allocated struct filename is not cleaned up,\ncausing a memory leak.\n\nFix this by setting the REQ_F_NEED_CLEANUP for the request just after the\nsuccessful getname() call, so that when the request is torn down, the\nfilename will be cleaned up, along with other resources needing cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68814",
"url": "https://www.suse.com/security/cve/CVE-2025-68814"
},
{
"category": "external",
"summary": "SUSE Bug 1256651 for CVE-2025-68814",
"url": "https://bugzilla.suse.com/1256651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68814"
},
{
"cve": "CVE-2025-68815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Remove drr class from the active list if it changes to strict\n\nWhenever a user issues an ets qdisc change command, transforming a\ndrr class into a strict one, the ets code isn\u0027t checking whether that\nclass was in the active list and removing it. This means that, if a\nuser changes a strict class (which was in the active list) back to a drr\none, that class will be added twice to the active list [1].\n\nDoing so with the following commands:\n\ntc qdisc add dev lo root handle 1: ets bands 2 strict 1\ntc qdisc add dev lo parent 1:2 handle 20: \\\n tbf rate 8bit burst 100b latency 1s\ntc filter add dev lo parent 1: basic classid 1:2\nping -c1 -W0.01 -s 56 127.0.0.1\ntc qdisc change dev lo root handle 1: ets bands 2 strict 2\ntc qdisc change dev lo root handle 1: ets bands 2 strict 1\nping -c1 -W0.01 -s 56 127.0.0.1\n\nWill trigger the following splat with list debug turned on:\n\n[ 59.279014][ T365] ------------[ cut here ]------------\n[ 59.279452][ T365] list_add double add: new=ffff88801d60e350, prev=ffff88801d60e350, next=ffff88801d60e2c0.\n[ 59.280153][ T365] WARNING: CPU: 3 PID: 365 at lib/list_debug.c:35 __list_add_valid_or_report+0x17f/0x220\n[ 59.280860][ T365] Modules linked in:\n[ 59.281165][ T365] CPU: 3 UID: 0 PID: 365 Comm: tc Not tainted 6.18.0-rc7-00105-g7e9f13163c13-dirty #239 PREEMPT(voluntary)\n[ 59.281977][ T365] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n[ 59.282391][ T365] RIP: 0010:__list_add_valid_or_report+0x17f/0x220\n[ 59.282842][ T365] Code: 89 c6 e8 d4 b7 0d ff 90 0f 0b 90 90 31 c0 e9 31 ff ff ff 90 48 c7 c7 e0 a0 22 9f 48 89 f2 48 89 c1 4c 89 c6 e8 b2 b7 0d ff 90 \u003c0f\u003e 0b 90 90 31 c0 e9 0f ff ff ff 48 89 f7 48 89 44 24 10 4c 89 44\n...\n[ 59.288812][ T365] Call Trace:\n[ 59.289056][ T365] \u003cTASK\u003e\n[ 59.289224][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.289546][ T365] ets_qdisc_change+0xd2b/0x1e80\n[ 59.289891][ T365] ? __lock_acquire+0x7e7/0x1be0\n[ 59.290223][ T365] ? __pfx_ets_qdisc_change+0x10/0x10\n[ 59.290546][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.290898][ T365] ? __mutex_trylock_common+0xda/0x240\n[ 59.291228][ T365] ? __pfx___mutex_trylock_common+0x10/0x10\n[ 59.291655][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.291993][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.292313][ T365] ? trace_contention_end+0xc8/0x110\n[ 59.292656][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.293022][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.293351][ T365] tc_modify_qdisc+0x63a/0x1cf0\n\nFix this by always checking and removing an ets class from the active list\nwhen changing it to strict.\n\n[1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/tree/net/sched/sch_ets.c?id=ce052b9402e461a9aded599f5b47e76bc727f7de#n663",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68815",
"url": "https://www.suse.com/security/cve/CVE-2025-68815"
},
{
"category": "external",
"summary": "SUSE Bug 1256680 for CVE-2025-68815",
"url": "https://bugzilla.suse.com/1256680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68815"
},
{
"cve": "CVE-2025-68816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: fw_tracer, Validate format string parameters\n\nAdd validation for format string parameters in the firmware tracer to\nprevent potential security vulnerabilities and crashes from malformed\nformat strings received from firmware.\n\nThe firmware tracer receives format strings from the device firmware and\nuses them to format trace messages. Without proper validation, bad\nfirmware could provide format strings with invalid format specifiers\n(e.g., %s, %p, %n) that could lead to crashes, or other undefined\nbehavior.\n\nAdd mlx5_tracer_validate_params() to validate that all format specifiers\nin trace strings are limited to safe integer/hex formats (%x, %d, %i,\n%u, %llx, %lx, etc.). Reject strings containing other format types that\ncould be used to access arbitrary memory or cause crashes.\nInvalid format strings are added to the trace output for visibility with\n\"BAD_FORMAT: \" prefix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68816",
"url": "https://www.suse.com/security/cve/CVE-2025-68816"
},
{
"category": "external",
"summary": "SUSE Bug 1256674 for CVE-2025-68816",
"url": "https://bugzilla.suse.com/1256674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68816"
},
{
"cve": "CVE-2025-68819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()\n\nrlen value is a user-controlled value, but dtv5100_i2c_msg() does not\ncheck the size of the rlen value. Therefore, if it is set to a value\nlarger than sizeof(st-\u003edata), an out-of-bounds vuln occurs for st-\u003edata.\n\nTherefore, we need to add proper range checking to prevent this vuln.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68819",
"url": "https://www.suse.com/security/cve/CVE-2025-68819"
},
{
"category": "external",
"summary": "SUSE Bug 1256664 for CVE-2025-68819",
"url": "https://bugzilla.suse.com/1256664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68819"
},
{
"cve": "CVE-2025-68820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: xattr: fix null pointer deref in ext4_raw_inode()\n\nIf ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED),\niloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all()\nlacks error checking, this will lead to a null pointer dereference\nin ext4_raw_inode(), called right after ext4_get_inode_loc().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68820",
"url": "https://www.suse.com/security/cve/CVE-2025-68820"
},
{
"category": "external",
"summary": "SUSE Bug 1256754 for CVE-2025-68820",
"url": "https://bugzilla.suse.com/1256754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-68820"
},
{
"cve": "CVE-2025-71064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: using the num_tqps in the vf driver to apply for resources\n\nCurrently, hdev-\u003ehtqp is allocated using hdev-\u003enum_tqps, and kinfo-\u003etqp\nis allocated using kinfo-\u003enum_tqps. However, kinfo-\u003enum_tqps is set to\nmin(new_tqps, hdev-\u003enum_tqps); Therefore, kinfo-\u003enum_tqps may be smaller\nthan hdev-\u003enum_tqps, which causes some hdev-\u003ehtqp[i] to remain\nuninitialized in hclgevf_knic_setup().\n\nThus, this patch allocates hdev-\u003ehtqp and kinfo-\u003etqp using hdev-\u003enum_tqps,\nensuring that the lengths of hdev-\u003ehtqp and kinfo-\u003etqp are consistent\nand that all elements are properly initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71064",
"url": "https://www.suse.com/security/cve/CVE-2025-71064"
},
{
"category": "external",
"summary": "SUSE Bug 1256654 for CVE-2025-71064",
"url": "https://bugzilla.suse.com/1256654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71064"
},
{
"cve": "CVE-2025-71066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`. It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n struct netlink_ext_ack *extack)\n{\n...\n\n // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n //to race with .dequeue handler (`ets_qdisc_dequeue`)\n sch_tree_lock(sch);\n\n for (i = nbands; i \u003c oldbands; i++) {\n if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n list_del_init(\u0026q-\u003eclasses[i].alist);\n qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n }\n\n WRITE_ONCE(q-\u003enbands, nbands);\n for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t // (2) the class is added to the q-\u003eactive\n list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n q-\u003eclasses[i].deficit = quanta[i];\n }\n }\n WRITE_ONCE(q-\u003enstrict, nstrict);\n memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n for (i = 0; i \u003c q-\u003enbands; i++)\n WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n for (i = oldbands; i \u003c q-\u003enbands; i++) {\n q-\u003eclasses[i].qdisc = queues[i];\n if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n }\n\n // (3) the qdisc is unlocked, now dequeue can be called in parallel\n // to the rest of .change handler\n sch_tree_unlock(sch);\n\n ets_offload_change(sch);\n for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t // freeing it\n qdisc_put(q-\u003eclasses[i].qdisc);\n\t // (5) If we call .dequeue between (4) and (5), we will have\n\t // a strong UAF and we can control RIP\n q-\u003eclasses[i].qdisc = NULL;\n WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n q-\u003eclasses[i].deficit = 0;\n gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n }\n return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\" # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71066",
"url": "https://www.suse.com/security/cve/CVE-2025-71066"
},
{
"category": "external",
"summary": "SUSE Bug 1256645 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1256645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-71066"
},
{
"cve": "CVE-2025-71076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/oa: Limit num_syncs to prevent oversized allocations\n\nThe OA open parameters did not validate num_syncs, allowing\nuserspace to pass arbitrarily large values, potentially\nleading to excessive allocations.\n\nAdd check to ensure that num_syncs does not exceed DRM_XE_MAX_SYNCS,\nreturning -EINVAL when the limit is violated.\n\nv2: use XE_IOCTL_DBG() and drop duplicated check. (Ashutosh)\n\n(cherry picked from commit e057b2d2b8d815df3858a87dffafa2af37e5945b)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71076",
"url": "https://www.suse.com/security/cve/CVE-2025-71076"
},
{
"category": "external",
"summary": "SUSE Bug 1256627 for CVE-2025-71076",
"url": "https://bugzilla.suse.com/1256627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71076"
},
{
"cve": "CVE-2025-71077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Cap the number of PCR banks\n\ntpm2_get_pcr_allocation() does not cap any upper limit for the number of\nbanks. Cap the limit to eight banks so that out of bounds values coming\nfrom external I/O cause on only limited harm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71077",
"url": "https://www.suse.com/security/cve/CVE-2025-71077"
},
{
"category": "external",
"summary": "SUSE Bug 1256613 for CVE-2025-71077",
"url": "https://bugzilla.suse.com/1256613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71077"
},
{
"cve": "CVE-2025-71078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s/slb: Fix SLB multihit issue during SLB preload\n\nOn systems using the hash MMU, there is a software SLB preload cache that\nmirrors the entries loaded into the hardware SLB buffer. This preload\ncache is subject to periodic eviction - typically after every 256 context\nswitches - to remove old entry.\n\nTo optimize performance, the kernel skips switch_mmu_context() in\nswitch_mm_irqs_off() when the prev and next mm_struct are the same.\nHowever, on hash MMU systems, this can lead to inconsistencies between\nthe hardware SLB and the software preload cache.\n\nIf an SLB entry for a process is evicted from the software cache on one\nCPU, and the same process later runs on another CPU without executing\nswitch_mmu_context(), the hardware SLB may retain stale entries. If the\nkernel then attempts to reload that entry, it can trigger an SLB\nmulti-hit error.\n\nThe following timeline shows how stale SLB entries are created and can\ncause a multi-hit error when a process moves between CPUs without a\nMMU context switch.\n\nCPU 0 CPU 1\n----- -----\nProcess P\nexec swapper/1\n load_elf_binary\n begin_new_exc\n activate_mm\n switch_mm_irqs_off\n switch_mmu_context\n switch_slb\n /*\n * This invalidates all\n * the entries in the HW\n * and setup the new HW\n * SLB entries as per the\n * preload cache.\n */\ncontext_switch\nsched_migrate_task migrates process P to cpu-1\n\nProcess swapper/0 context switch (to process P)\n(uses mm_struct of Process P) switch_mm_irqs_off()\n switch_slb\n load_slb++\n /*\n * load_slb becomes 0 here\n * and we evict an entry from\n * the preload cache with\n * preload_age(). We still\n * keep HW SLB and preload\n * cache in sync, that is\n * because all HW SLB entries\n * anyways gets evicted in\n * switch_slb during SLBIA.\n * We then only add those\n * entries back in HW SLB,\n * which are currently\n * present in preload_cache\n * (after eviction).\n */\n load_elf_binary continues...\n setup_new_exec()\n slb_setup_new_exec()\n\n sched_switch event\n sched_migrate_task migrates\n process P to cpu-0\n\ncontext_switch from swapper/0 to Process P\n switch_mm_irqs_off()\n /*\n * Since both prev and next mm struct are same we don\u0027t call\n * switch_mmu_context(). This will cause the HW SLB and SW preload\n * cache to go out of sync in preload_new_slb_context. Because there\n * was an SLB entry which was evicted from both HW and preload cache\n * on cpu-1. Now later in preload_new_slb_context(), when we will try\n * to add the same preload entry again, we will add this to the SW\n * preload cache and then will add it to the HW SLB. Since on cpu-0\n * this entry was never invalidated, hence adding this entry to the HW\n * SLB will cause a SLB multi-hit error.\n */\nload_elf_binary cont\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71078",
"url": "https://www.suse.com/security/cve/CVE-2025-71078"
},
{
"category": "external",
"summary": "SUSE Bug 1256616 for CVE-2025-71078",
"url": "https://bugzilla.suse.com/1256616"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71078"
},
{
"cve": "CVE-2025-71079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write\n\nA deadlock can occur between nfc_unregister_device() and rfkill_fop_write()\ndue to lock ordering inversion between device_lock and rfkill_global_mutex.\n\nThe problematic lock order is:\n\nThread A (rfkill_fop_write):\n rfkill_fop_write()\n mutex_lock(\u0026rfkill_global_mutex)\n rfkill_set_block()\n nfc_rfkill_set_block()\n nfc_dev_down()\n device_lock(\u0026dev-\u003edev) \u003c- waits for device_lock\n\nThread B (nfc_unregister_device):\n nfc_unregister_device()\n device_lock(\u0026dev-\u003edev)\n rfkill_unregister()\n mutex_lock(\u0026rfkill_global_mutex) \u003c- waits for rfkill_global_mutex\n\nThis creates a classic ABBA deadlock scenario.\n\nFix this by moving rfkill_unregister() and rfkill_destroy() outside the\ndevice_lock critical section. Store the rfkill pointer in a local variable\nbefore releasing the lock, then call rfkill_unregister() after releasing\ndevice_lock.\n\nThis change is safe because rfkill_fop_write() holds rfkill_global_mutex\nwhile calling the rfkill callbacks, and rfkill_unregister() also acquires\nrfkill_global_mutex before cleanup. Therefore, rfkill_unregister() will\nwait for any ongoing callback to complete before proceeding, and\ndevice_del() is only called after rfkill_unregister() returns, preventing\nany use-after-free.\n\nThe similar lock ordering in nfc_register_device() (device_lock -\u003e\nrfkill_global_mutex via rfkill_register) is safe because during\nregistration the device is not yet in rfkill_list, so no concurrent\nrfkill operations can occur on this device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71079",
"url": "https://www.suse.com/security/cve/CVE-2025-71079"
},
{
"category": "external",
"summary": "SUSE Bug 1256619 for CVE-2025-71079",
"url": "https://bugzilla.suse.com/1256619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71079"
},
{
"cve": "CVE-2025-71080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT\n\nOn PREEMPT_RT kernels, after rt6_get_pcpu_route() returns NULL, the\ncurrent task can be preempted. Another task running on the same CPU\nmay then execute rt6_make_pcpu_route() and successfully install a\npcpu_rt entry. When the first task resumes execution, its cmpxchg()\nin rt6_make_pcpu_route() will fail because rt6i_pcpu is no longer\nNULL, triggering the BUG_ON(prev). It\u0027s easy to reproduce it by adding\nmdelay() after rt6_get_pcpu_route().\n\nUsing preempt_disable/enable is not appropriate here because\nip6_rt_pcpu_alloc() may sleep.\n\nFix this by handling the cmpxchg() failure gracefully on PREEMPT_RT:\nfree our allocation and return the existing pcpu_rt installed by\nanother task. The BUG_ON is replaced by WARN_ON_ONCE for non-PREEMPT_RT\nkernels where such races should not occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71080",
"url": "https://www.suse.com/security/cve/CVE-2025-71080"
},
{
"category": "external",
"summary": "SUSE Bug 1256608 for CVE-2025-71080",
"url": "https://bugzilla.suse.com/1256608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "low"
}
],
"title": "CVE-2025-71080"
},
{
"cve": "CVE-2025-71081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: stm32: sai: fix OF node leak on probe\n\nThe reference taken to the sync provider OF node when probing the\nplatform device is currently only dropped if the set_sync() callback\nfails during DAI probe.\n\nMake sure to drop the reference on platform probe failures (e.g. probe\ndeferral) and on driver unbind.\n\nThis also avoids a potential use-after-free in case the DAI is ever\nreprobed without first rebinding the platform driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71081",
"url": "https://www.suse.com/security/cve/CVE-2025-71081"
},
{
"category": "external",
"summary": "SUSE Bug 1256609 for CVE-2025-71081",
"url": "https://bugzilla.suse.com/1256609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71081"
},
{
"cve": "CVE-2025-71082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71082"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: revert use of devm_kzalloc in btusb\n\nThis reverts commit 98921dbd00c4e (\"Bluetooth: Use devm_kzalloc in\nbtusb.c file\").\n\nIn btusb_probe(), we use devm_kzalloc() to allocate the btusb data. This\nties the lifetime of all the btusb data to the binding of a driver to\none interface, INTF. In a driver that binds to other interfaces, ISOC\nand DIAG, this is an accident waiting to happen.\n\nThe issue is revealed in btusb_disconnect(), where calling\nusb_driver_release_interface(\u0026btusb_driver, data-\u003eintf) will have devm\nfree the data that is also being used by the other interfaces of the\ndriver that may not be released yet.\n\nTo fix this, revert the use of devm and go back to freeing memory\nexplicitly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71082",
"url": "https://www.suse.com/security/cve/CVE-2025-71082"
},
{
"category": "external",
"summary": "SUSE Bug 1256611 for CVE-2025-71082",
"url": "https://bugzilla.suse.com/1256611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71082"
},
{
"cve": "CVE-2025-71083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: Avoid NULL pointer deref for evicted BOs\n\nIt is possible for a BO to exist that is not currently associated with a\nresource, e.g. because it has been evicted.\n\nWhen devcoredump tries to read the contents of all BOs for dumping, we need\nto expect this as well -- in this case, ENODATA is recorded instead of the\nbuffer contents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71083",
"url": "https://www.suse.com/security/cve/CVE-2025-71083"
},
{
"category": "external",
"summary": "SUSE Bug 1256610 for CVE-2025-71083",
"url": "https://bugzilla.suse.com/1256610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71083"
},
{
"cve": "CVE-2025-71084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71084"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cm: Fix leaking the multicast GID table reference\n\nIf the CM ID is destroyed while the CM event for multicast creating is\nstill queued the cancel_work_sync() will prevent the work from running\nwhich also prevents destroying the ah_attr. This leaks a refcount and\ntriggers a WARN:\n\n GID entry ref leak for dev syz1 index 2 ref=573\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 release_gid_table drivers/infiniband/core/cache.c:806 [inline]\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886\n\nDestroy the ah_attr after canceling the work, it is safe to call this\ntwice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71084",
"url": "https://www.suse.com/security/cve/CVE-2025-71084"
},
{
"category": "external",
"summary": "SUSE Bug 1256622 for CVE-2025-71084",
"url": "https://bugzilla.suse.com/1256622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "low"
}
],
"title": "CVE-2025-71084"
},
{
"cve": "CVE-2025-71085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()\n\nThere exists a kernel oops caused by a BUG_ON(nhead \u003c 0) at\nnet/core/skbuff.c:2232 in pskb_expand_head().\nThis bug is triggered as part of the calipso_skbuff_setattr()\nroutine when skb_cow() is passed headroom \u003e INT_MAX\n(i.e. (int)(skb_headroom(skb) + len_delta) \u003c 0).\n\nThe root cause of the bug is due to an implicit integer cast in\n__skb_cow(). The check (headroom \u003e skb_headroom(skb)) is meant to ensure\nthat delta = headroom - skb_headroom(skb) is never negative, otherwise\nwe will trigger a BUG_ON in pskb_expand_head(). However, if\nheadroom \u003e INT_MAX and delta \u003c= -NET_SKB_PAD, the check passes, delta\nbecomes negative, and pskb_expand_head() is passed a negative value for\nnhead.\n\nFix the trigger condition in calipso_skbuff_setattr(). Avoid passing\n\"negative\" headroom sizes to skb_cow() within calipso_skbuff_setattr()\nby only using skb_cow() to grow headroom.\n\nPoC:\n\tUsing `netlabelctl` tool:\n\n netlabelctl map del default\n netlabelctl calipso add pass doi:7\n netlabelctl map add default address:0::1/128 protocol:calipso,7\n\n Then run the following PoC:\n\n int fd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);\n\n // setup msghdr\n int cmsg_size = 2;\n int cmsg_len = 0x60;\n struct msghdr msg;\n struct sockaddr_in6 dest_addr;\n struct cmsghdr * cmsg = (struct cmsghdr *) calloc(1,\n sizeof(struct cmsghdr) + cmsg_len);\n msg.msg_name = \u0026dest_addr;\n msg.msg_namelen = sizeof(dest_addr);\n msg.msg_iov = NULL;\n msg.msg_iovlen = 0;\n msg.msg_control = cmsg;\n msg.msg_controllen = cmsg_len;\n msg.msg_flags = 0;\n\n // setup sockaddr\n dest_addr.sin6_family = AF_INET6;\n dest_addr.sin6_port = htons(31337);\n dest_addr.sin6_flowinfo = htonl(31337);\n dest_addr.sin6_addr = in6addr_loopback;\n dest_addr.sin6_scope_id = 31337;\n\n // setup cmsghdr\n cmsg-\u003ecmsg_len = cmsg_len;\n cmsg-\u003ecmsg_level = IPPROTO_IPV6;\n cmsg-\u003ecmsg_type = IPV6_HOPOPTS;\n char * hop_hdr = (char *)cmsg + sizeof(struct cmsghdr);\n hop_hdr[1] = 0x9; //set hop size - (0x9 + 1) * 8 = 80\n\n sendmsg(fd, \u0026msg, 0);",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71085",
"url": "https://www.suse.com/security/cve/CVE-2025-71085"
},
{
"category": "external",
"summary": "SUSE Bug 1256623 for CVE-2025-71085",
"url": "https://bugzilla.suse.com/1256623"
},
{
"category": "external",
"summary": "SUSE Bug 1256624 for CVE-2025-71085",
"url": "https://bugzilla.suse.com/1256624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-71085"
},
{
"cve": "CVE-2025-71086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix invalid array index in rose_kill_by_device()\n\nrose_kill_by_device() collects sockets into a local array[] and then\niterates over them to disconnect sockets bound to a device being brought\ndown.\n\nThe loop mistakenly indexes array[cnt] instead of array[i]. For cnt \u003c\nARRAY_SIZE(array), this reads an uninitialized entry; for cnt ==\nARRAY_SIZE(array), it is an out-of-bounds read. Either case can lead to\nan invalid socket pointer dereference and also leaks references taken\nvia sock_hold().\n\nFix the index to use i.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71086",
"url": "https://www.suse.com/security/cve/CVE-2025-71086"
},
{
"category": "external",
"summary": "SUSE Bug 1256625 for CVE-2025-71086",
"url": "https://bugzilla.suse.com/1256625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71086"
},
{
"cve": "CVE-2025-71087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71087"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: fix off-by-one issues in iavf_config_rss_reg()\n\nThere are off-by-one bugs when configuring RSS hash key and lookup\ntable, causing out-of-bounds reads to memory [1] and out-of-bounds\nwrites to device registers.\n\nBefore commit 43a3d9ba34c9 (\"i40evf: Allow PF driver to configure RSS\"),\nthe loop upper bounds were:\n i \u003c= I40E_VFQF_{HKEY,HLUT}_MAX_INDEX\nwhich is safe since the value is the last valid index.\n\nThat commit changed the bounds to:\n i \u003c= adapter-\u003erss_{key,lut}_size / 4\nwhere `rss_{key,lut}_size / 4` is the number of dwords, so the last\nvalid index is `(rss_{key,lut}_size / 4) - 1`. Therefore, using `\u003c=`\naccesses one element past the end.\n\nFix the issues by using `\u003c` instead of `\u003c=`, ensuring we do not exceed\nthe bounds.\n\n[1] KASAN splat about rss_key_size off-by-one\n BUG: KASAN: slab-out-of-bounds in iavf_config_rss+0x619/0x800\n Read of size 4 at addr ffff888102c50134 by task kworker/u8:6/63\n\n CPU: 0 UID: 0 PID: 63 Comm: kworker/u8:6 Not tainted 6.18.0-rc2-enjuk-tnguy-00378-g3005f5b77652-dirty #156 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Workqueue: iavf iavf_watchdog_task\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6f/0xb0\n print_report+0x170/0x4f3\n kasan_report+0xe1/0x1a0\n iavf_config_rss+0x619/0x800\n iavf_watchdog_task+0x2be7/0x3230\n process_one_work+0x7fd/0x1420\n worker_thread+0x4d1/0xd40\n kthread+0x344/0x660\n ret_from_fork+0x249/0x320\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 63:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7f/0x90\n __kmalloc_noprof+0x246/0x6f0\n iavf_watchdog_task+0x28fc/0x3230\n process_one_work+0x7fd/0x1420\n worker_thread+0x4d1/0xd40\n kthread+0x344/0x660\n ret_from_fork+0x249/0x320\n ret_from_fork_asm+0x1a/0x30\n\n The buggy address belongs to the object at ffff888102c50100\n which belongs to the cache kmalloc-64 of size 64\n The buggy address is located 0 bytes to the right of\n allocated 52-byte region [ffff888102c50100, ffff888102c50134)\n\n The buggy address belongs to the physical page:\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c50\n flags: 0x200000000000000(node=0|zone=2)\n page_type: f5(slab)\n raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff888102c50000: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc\n ffff888102c50080: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc\n \u003effff888102c50100: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc\n ^\n ffff888102c50180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc\n ffff888102c50200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71087",
"url": "https://www.suse.com/security/cve/CVE-2025-71087"
},
{
"category": "external",
"summary": "SUSE Bug 1256628 for CVE-2025-71087",
"url": "https://bugzilla.suse.com/1256628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71087"
},
{
"cve": "CVE-2025-71088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fallback earlier on simult connection\n\nSyzkaller reports a simult-connect race leading to inconsistent fallback\nstatus:\n\n WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n Modules linked in:\n CPU: 3 UID: 0 PID: 33 Comm: ksoftirqd/3 Not tainted syzkaller #0 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n Code: 89 ee e8 78 61 3c f6 40 84 ed 75 21 e8 8e 66 3c f6 44 89 fe bf 07 00 00 00 e8 c1 61 3c f6 41 83 ff 07 74 09 e8 76 66 3c f6 90 \u003c0f\u003e 0b 90 e8 6d 66 3c f6 48 89 df e8 e5 ad ff ff 31 ff 89 c5 89 c6\n RSP: 0018:ffffc900006cf338 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff888031acd100 RCX: ffffffff8b7f2abf\n RDX: ffff88801e6ea440 RSI: ffffffff8b7f2aca RDI: 0000000000000005\n RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000007\n R10: 0000000000000004 R11: 0000000000002c10 R12: ffff88802ba69900\n R13: 1ffff920000d9e67 R14: ffff888046f81800 R15: 0000000000000004\n FS: 0000000000000000(0000) GS:ffff8880d69bc000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000560fc0ca1670 CR3: 0000000032c3a000 CR4: 0000000000352ef0\n Call Trace:\n \u003cTASK\u003e\n tcp_data_queue+0x13b0/0x4f90 net/ipv4/tcp_input.c:5197\n tcp_rcv_state_process+0xfdf/0x4ec0 net/ipv4/tcp_input.c:6922\n tcp_v6_do_rcv+0x492/0x1740 net/ipv6/tcp_ipv6.c:1672\n tcp_v6_rcv+0x2976/0x41e0 net/ipv6/tcp_ipv6.c:1918\n ip6_protocol_deliver_rcu+0x188/0x1520 net/ipv6/ip6_input.c:438\n ip6_input_finish+0x1e4/0x4b0 net/ipv6/ip6_input.c:489\n NF_HOOK include/linux/netfilter.h:318 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ip6_input+0x105/0x2f0 net/ipv6/ip6_input.c:500\n dst_input include/net/dst.h:471 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n NF_HOOK include/linux/netfilter.h:318 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x264/0x650 net/ipv6/ip6_input.c:311\n __netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:5979\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:6092\n process_backlog+0x442/0x15e0 net/core/dev.c:6444\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7494\n napi_poll net/core/dev.c:7557 [inline]\n net_rx_action+0xa9f/0xfe0 net/core/dev.c:7684\n handle_softirqs+0x216/0x8e0 kernel/softirq.c:579\n run_ksoftirqd kernel/softirq.c:968 [inline]\n run_ksoftirqd+0x3a/0x60 kernel/softirq.c:960\n smpboot_thread_fn+0x3f7/0xae0 kernel/smpboot.c:160\n kthread+0x3c2/0x780 kernel/kthread.c:463\n ret_from_fork+0x5d7/0x6f0 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nThe TCP subflow can process the simult-connect syn-ack packet after\ntransitioning to TCP_FIN1 state, bypassing the MPTCP fallback check,\nas the sk_state_change() callback is not invoked for * -\u003e FIN_WAIT1\ntransitions.\n\nThat will move the msk socket to an inconsistent status and the next\nincoming data will hit the reported splat.\n\nClose the race moving the simult-fallback check at the earliest possible\nstage - that is at syn-ack generation time.\n\nAbout the fixes tags: [2] was supposed to also fix this issue introduced\nby [3]. [1] is required as a dependence: it was not explicitly marked as\na fix, but it is one and it has already been backported before [3]. In\nother words, this commit should be backported up to [3], including [2]\nand [1] if that\u0027s not already there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71088",
"url": "https://www.suse.com/security/cve/CVE-2025-71088"
},
{
"category": "external",
"summary": "SUSE Bug 1256630 for CVE-2025-71088",
"url": "https://bugzilla.suse.com/1256630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71088"
},
{
"cve": "CVE-2025-71089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: disable SVA when CONFIG_X86 is set\n\nPatch series \"Fix stale IOTLB entries for kernel address space\", v7.\n\nThis proposes a fix for a security vulnerability related to IOMMU Shared\nVirtual Addressing (SVA). In an SVA context, an IOMMU can cache kernel\npage table entries. When a kernel page table page is freed and\nreallocated for another purpose, the IOMMU might still hold stale,\nincorrect entries. This can be exploited to cause a use-after-free or\nwrite-after-free condition, potentially leading to privilege escalation or\ndata corruption.\n\nThis solution introduces a deferred freeing mechanism for kernel page\ntable pages, which provides a safe window to notify the IOMMU to\ninvalidate its caches before the page is reused.\n\n\nThis patch (of 8):\n\nIn the IOMMU Shared Virtual Addressing (SVA) context, the IOMMU hardware\nshares and walks the CPU\u0027s page tables. The x86 architecture maps the\nkernel\u0027s virtual address space into the upper portion of every process\u0027s\npage table. Consequently, in an SVA context, the IOMMU hardware can walk\nand cache kernel page table entries.\n\nThe Linux kernel currently lacks a notification mechanism for kernel page\ntable changes, specifically when page table pages are freed and reused. \nThe IOMMU driver is only notified of changes to user virtual address\nmappings. This can cause the IOMMU\u0027s internal caches to retain stale\nentries for kernel VA.\n\nUse-After-Free (UAF) and Write-After-Free (WAF) conditions arise when\nkernel page table pages are freed and later reallocated. The IOMMU could\nmisinterpret the new data as valid page table entries. The IOMMU might\nthen walk into attacker-controlled memory, leading to arbitrary physical\nmemory DMA access or privilege escalation. This is also a\nWrite-After-Free issue, as the IOMMU will potentially continue to write\nAccessed and Dirty bits to the freed memory while attempting to walk the\nstale page tables.\n\nCurrently, SVA contexts are unprivileged and cannot access kernel\nmappings. However, the IOMMU will still walk kernel-only page tables all\nthe way down to the leaf entries, where it realizes the mapping is for the\nkernel and errors out. This means the IOMMU still caches these\nintermediate page table entries, making the described vulnerability a real\nconcern.\n\nDisable SVA on x86 architecture until the IOMMU can receive notification\nto flush the paging cache before freeing the CPU kernel page table pages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71089",
"url": "https://www.suse.com/security/cve/CVE-2025-71089"
},
{
"category": "external",
"summary": "SUSE Bug 1256612 for CVE-2025-71089",
"url": "https://bugzilla.suse.com/1256612"
},
{
"category": "external",
"summary": "SUSE Bug 1256615 for CVE-2025-71089",
"url": "https://bugzilla.suse.com/1256615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-71089"
},
{
"cve": "CVE-2025-71091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: fix check for port enabled in team_queue_override_port_prio_changed()\n\nThere has been a syzkaller bug reported recently with the following\ntrace:\n\nlist_del corruption, ffff888058bea080-\u003eprev is LIST_POISON2 (dead000000000122)\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:59!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nCPU: 3 UID: 0 PID: 21246 Comm: syz.0.2928 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:__list_del_entry_valid_or_report+0x13e/0x200 lib/list_debug.c:59\nCode: 48 c7 c7 e0 71 f0 8b e8 30 08 ef fc 90 0f 0b 48 89 ef e8 a5 02 55 fd 48 89 ea 48 89 de 48 c7 c7 40 72 f0 8b e8 13 08 ef fc 90 \u003c0f\u003e 0b 48 89 ef e8 88 02 55 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d49f370 EFLAGS: 00010286\nRAX: 000000000000004e RBX: ffff888058bea080 RCX: ffffc9002817d000\nRDX: 0000000000000000 RSI: ffffffff819becc6 RDI: 0000000000000005\nRBP: dead000000000122 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000080000000 R11: 0000000000000001 R12: ffff888039e9c230\nR13: ffff888058bea088 R14: ffff888058bea080 R15: ffff888055461480\nFS: 00007fbbcfe6f6c0(0000) GS:ffff8880d6d0a000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000110c3afcb0 CR3: 00000000382c7000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n __list_del_entry_valid include/linux/list.h:132 [inline]\n __list_del_entry include/linux/list.h:223 [inline]\n list_del_rcu include/linux/rculist.h:178 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:826 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:821 [inline]\n team_queue_override_port_prio_changed drivers/net/team/team_core.c:883 [inline]\n team_priority_option_set+0x171/0x2f0 drivers/net/team/team_core.c:1534\n team_option_set drivers/net/team/team_core.c:376 [inline]\n team_nl_options_set_doit+0x8ae/0xe60 drivers/net/team/team_core.c:2653\n genl_family_rcv_msg_doit+0x209/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x55c/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2552\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n ____sys_sendmsg+0xa98/0xc70 net/socket.c:2630\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2684\n __sys_sendmsg+0x16d/0x220 net/socket.c:2716\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe problem is in this flow:\n1) Port is enabled, queue_id != 0, in qom_list\n2) Port gets disabled\n -\u003e team_port_disable()\n -\u003e team_queue_override_port_del()\n -\u003e del (removed from list)\n3) Port is disabled, queue_id != 0, not in any list\n4) Priority changes\n -\u003e team_queue_override_port_prio_changed()\n -\u003e checks: port disabled \u0026\u0026 queue_id != 0\n -\u003e calls del - hits the BUG as it is removed already\n\nTo fix this, change the check in team_queue_override_port_prio_changed()\nso it returns early if port is not enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71091",
"url": "https://www.suse.com/security/cve/CVE-2025-71091"
},
{
"category": "external",
"summary": "SUSE Bug 1256773 for CVE-2025-71091",
"url": "https://bugzilla.suse.com/1256773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71091"
},
{
"cve": "CVE-2025-71093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ne1000: fix OOB in e1000_tbi_should_accept()\n\nIn e1000_tbi_should_accept() we read the last byte of the frame via\n\u0027data[length - 1]\u0027 to evaluate the TBI workaround. If the descriptor-\nreported length is zero or larger than the actual RX buffer size, this\nread goes out of bounds and can hit unrelated slab objects. The issue\nis observed from the NAPI receive path (e1000_clean_rx_irq):\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in e1000_tbi_should_accept+0x610/0x790\nRead of size 1 at addr ffff888014114e54 by task sshd/363\n\nCPU: 0 PID: 363 Comm: sshd Not tainted 5.18.0-rc1 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x5a/0x74\n print_address_description+0x7b/0x440\n print_report+0x101/0x200\n kasan_report+0xc1/0xf0\n e1000_tbi_should_accept+0x610/0x790\n e1000_clean_rx_irq+0xa8c/0x1110\n e1000_clean+0xde2/0x3c10\n __napi_poll+0x98/0x380\n net_rx_action+0x491/0xa20\n __do_softirq+0x2c9/0x61d\n do_softirq+0xd1/0x120\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xfe/0x130\n ip_finish_output2+0x7d5/0xb00\n __ip_queue_xmit+0xe24/0x1ab0\n __tcp_transmit_skb+0x1bcb/0x3340\n tcp_write_xmit+0x175d/0x6bd0\n __tcp_push_pending_frames+0x7b/0x280\n tcp_sendmsg_locked+0x2e4f/0x32d0\n tcp_sendmsg+0x24/0x40\n sock_write_iter+0x322/0x430\n vfs_write+0x56c/0xa60\n ksys_write+0xd1/0x190\n do_syscall_64+0x43/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f511b476b10\nCode: 73 01 c3 48 8b 0d 88 d3 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d f9 2b 2c 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 8e 9b 01 00 48 89 04 24\nRSP: 002b:00007ffc9211d4e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 0000000000004024 RCX: 00007f511b476b10\nRDX: 0000000000004024 RSI: 0000559a9385962c RDI: 0000000000000003\nRBP: 0000559a9383a400 R08: fffffffffffffff0 R09: 0000000000004f00\nR10: 0000000000000070 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007ffc9211d57f R14: 0000559a9347bde7 R15: 0000000000000003\n \u003c/TASK\u003e\nAllocated by task 1:\n __kasan_krealloc+0x131/0x1c0\n krealloc+0x90/0xc0\n add_sysfs_param+0xcb/0x8a0\n kernel_add_sysfs_param+0x81/0xd4\n param_sysfs_builtin+0x138/0x1a6\n param_sysfs_init+0x57/0x5b\n do_one_initcall+0x104/0x250\n do_initcall_level+0x102/0x132\n do_initcalls+0x46/0x74\n kernel_init_freeable+0x28f/0x393\n kernel_init+0x14/0x1a0\n ret_from_fork+0x22/0x30\nThe buggy address belongs to the object at ffff888014114000\n which belongs to the cache kmalloc-2k of size 2048\nThe buggy address is located 1620 bytes to the right of\n 2048-byte region [ffff888014114000, ffff888014114800]\nThe buggy address belongs to the physical page:\npage:ffffea0000504400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14110\nhead:ffffea0000504400 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0x100000000010200(slab|head|node=0|zone=1)\nraw: 0100000000010200 0000000000000000 dead000000000001 ffff888013442000\nraw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n==================================================================\n\nThis happens because the TBI check unconditionally dereferences the last\nbyte without validating the reported length first:\n\n\tu8 last_byte = *(data + length - 1);\n\nFix by rejecting the frame early if the length is zero, or if it exceeds\nadapter-\u003erx_buffer_len. This preserves the TBI workaround semantics for\nvalid frames and prevents touching memory beyond the RX buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71093",
"url": "https://www.suse.com/security/cve/CVE-2025-71093"
},
{
"category": "external",
"summary": "SUSE Bug 1256777 for CVE-2025-71093",
"url": "https://bugzilla.suse.com/1256777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71093"
},
{
"cve": "CVE-2025-71094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix: validate PHY address before use\n\nThe ASIX driver reads the PHY address from the USB device via\nasix_read_phy_addr(). A malicious or faulty device can return an\ninvalid address (\u003e= PHY_MAX_ADDR), which causes a warning in\nmdiobus_get_phy():\n\n addr 207 out of range\n WARNING: drivers/net/phy/mdio_bus.c:76\n\nValidate the PHY address in asix_read_phy_addr() and remove the\nnow-redundant check in ax88172a.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71094",
"url": "https://www.suse.com/security/cve/CVE-2025-71094"
},
{
"category": "external",
"summary": "SUSE Bug 1256597 for CVE-2025-71094",
"url": "https://bugzilla.suse.com/1256597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "low"
}
],
"title": "CVE-2025-71094"
},
{
"cve": "CVE-2025-71095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix the crash issue for zero copy XDP_TX action\n\nThere is a crash issue when running zero copy XDP_TX action, the crash\nlog is shown below.\n\n[ 216.122464] Unable to handle kernel paging request at virtual address fffeffff80000000\n[ 216.187524] Internal error: Oops: 0000000096000144 [#1] SMP\n[ 216.301694] Call trace:\n[ 216.304130] dcache_clean_poc+0x20/0x38 (P)\n[ 216.308308] __dma_sync_single_for_device+0x1bc/0x1e0\n[ 216.313351] stmmac_xdp_xmit_xdpf+0x354/0x400\n[ 216.317701] __stmmac_xdp_run_prog+0x164/0x368\n[ 216.322139] stmmac_napi_poll_rxtx+0xba8/0xf00\n[ 216.326576] __napi_poll+0x40/0x218\n[ 216.408054] Kernel panic - not syncing: Oops: Fatal exception in interrupt\n\nFor XDP_TX action, the xdp_buff is converted to xdp_frame by\nxdp_convert_buff_to_frame(). The memory type of the resulting xdp_frame\ndepends on the memory type of the xdp_buff. For page pool based xdp_buff\nit produces xdp_frame with memory type MEM_TYPE_PAGE_POOL. For zero copy\nXSK pool based xdp_buff it produces xdp_frame with memory type\nMEM_TYPE_PAGE_ORDER0. However, stmmac_xdp_xmit_back() does not check the\nmemory type and always uses the page pool type, this leads to invalid\nmappings and causes the crash. Therefore, check the xdp_buff memory type\nin stmmac_xdp_xmit_back() to fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71095",
"url": "https://www.suse.com/security/cve/CVE-2025-71095"
},
{
"category": "external",
"summary": "SUSE Bug 1256605 for CVE-2025-71095",
"url": "https://bugzilla.suse.com/1256605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71095"
},
{
"cve": "CVE-2025-71096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly\n\nThe netlink response for RDMA_NL_LS_OP_IP_RESOLVE should always have a\nLS_NLA_TYPE_DGID attribute, it is invalid if it does not.\n\nUse the nl parsing logic properly and call nla_parse_deprecated() to fill\nthe nlattrs array and then directly index that array to get the data for\nthe DGID. Just fail if it is NULL.\n\nRemove the for loop searching for the nla, and squash the validation and\nparsing into one function.\n\nFixes an uninitialized read from the stack triggered by userspace if it\ndoes not provide the DGID to a kernel initiated RDMA_NL_LS_OP_IP_RESOLVE\nquery.\n\n BUG: KMSAN: uninit-value in hex_byte_pack include/linux/hex.h:13 [inline]\n BUG: KMSAN: uninit-value in ip6_string+0xef4/0x13a0 lib/vsprintf.c:1490\n hex_byte_pack include/linux/hex.h:13 [inline]\n ip6_string+0xef4/0x13a0 lib/vsprintf.c:1490\n ip6_addr_string+0x18a/0x3e0 lib/vsprintf.c:1509\n ip_addr_string+0x245/0xee0 lib/vsprintf.c:1633\n pointer+0xc09/0x1bd0 lib/vsprintf.c:2542\n vsnprintf+0xf8a/0x1bd0 lib/vsprintf.c:2930\n vprintk_store+0x3ae/0x1530 kernel/printk/printk.c:2279\n vprintk_emit+0x307/0xcd0 kernel/printk/printk.c:2426\n vprintk_default+0x3f/0x50 kernel/printk/printk.c:2465\n vprintk+0x36/0x50 kernel/printk/printk_safe.c:82\n _printk+0x17e/0x1b0 kernel/printk/printk.c:2475\n ib_nl_process_good_ip_rsep drivers/infiniband/core/addr.c:128 [inline]\n ib_nl_handle_ip_res_resp+0x963/0x9d0 drivers/infiniband/core/addr.c:141\n rdma_nl_rcv_msg drivers/infiniband/core/netlink.c:-1 [inline]\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0xefa/0x11c0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0xf04/0x12b0 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x10b3/0x1250 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x333/0x3d0 net/socket.c:729\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2617\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2671\n __sys_sendmsg+0x1aa/0x300 net/socket.c:2703\n __compat_sys_sendmsg net/compat.c:346 [inline]\n __do_compat_sys_sendmsg net/compat.c:353 [inline]\n __se_compat_sys_sendmsg net/compat.c:350 [inline]\n __ia32_compat_sys_sendmsg+0xa4/0x100 net/compat.c:350\n ia32_sys_call+0x3f6c/0x4310 arch/x86/include/generated/asm/syscalls_32.h:371\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x150 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71096",
"url": "https://www.suse.com/security/cve/CVE-2025-71096"
},
{
"category": "external",
"summary": "SUSE Bug 1256606 for CVE-2025-71096",
"url": "https://bugzilla.suse.com/1256606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71096"
},
{
"cve": "CVE-2025-71097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: Fix reference count leak when using error routes with nexthop objects\n\nWhen a nexthop object is deleted, it is marked as dead and then\nfib_table_flush() is called to flush all the routes that are using the\ndead nexthop.\n\nThe current logic in fib_table_flush() is to only flush error routes\n(e.g., blackhole) when it is called as part of network namespace\ndismantle (i.e., with flush_all=true). Therefore, error routes are not\nflushed when their nexthop object is deleted:\n\n # ip link add name dummy1 up type dummy\n # ip nexthop add id 1 dev dummy1\n # ip route add 198.51.100.1/32 nhid 1\n # ip route add blackhole 198.51.100.2/32 nhid 1\n # ip nexthop del id 1\n # ip route show\n blackhole 198.51.100.2 nhid 1 dev dummy1\n\nAs such, they keep holding a reference on the nexthop object which in\nturn holds a reference on the nexthop device, resulting in a reference\ncount leak:\n\n # ip link del dev dummy1\n [ 70.516258] unregister_netdevice: waiting for dummy1 to become free. Usage count = 2\n\nFix by flushing error routes when their nexthop is marked as dead.\n\nIPv6 does not suffer from this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71097",
"url": "https://www.suse.com/security/cve/CVE-2025-71097"
},
{
"category": "external",
"summary": "SUSE Bug 1256607 for CVE-2025-71097",
"url": "https://bugzilla.suse.com/1256607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71097"
},
{
"cve": "CVE-2025-71098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: make ip6gre_header() robust\n\nOver the years, syzbot found many ways to crash the kernel\nin ip6gre_header() [1].\n\nThis involves team or bonding drivers ability to dynamically\nchange their dev-\u003eneeded_headroom and/or dev-\u003ehard_header_len\n\nIn this particular crash mld_newpack() allocated an skb\nwith a too small reserve/headroom, and by the time mld_sendpack()\nwas called, syzbot managed to attach an ip6gre device.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff8a1d69a8 len:136 put:40 head:ffff888059bc7000 data:ffff888059bc6fe8 tail:0x70 end:0x6c0 dev:team0\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:213 !\n \u003cTASK\u003e\n skb_under_panic net/core/skbuff.c:223 [inline]\n skb_push+0xc3/0xe0 net/core/skbuff.c:2641\n ip6gre_header+0xc8/0x790 net/ipv6/ip6_gre.c:1371\n dev_hard_header include/linux/netdevice.h:3436 [inline]\n neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618\n neigh_output include/net/neighbour.h:556 [inline]\n ip6_finish_output2+0xfb3/0x1480 net/ipv6/ip6_output.c:136\n __ip6_finish_output net/ipv6/ip6_output.c:-1 [inline]\n ip6_finish_output+0x234/0x7d0 net/ipv6/ip6_output.c:220\n NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247\n NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318\n mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71098",
"url": "https://www.suse.com/security/cve/CVE-2025-71098"
},
{
"category": "external",
"summary": "SUSE Bug 1256591 for CVE-2025-71098",
"url": "https://bugzilla.suse.com/1256591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71098"
},
{
"cve": "CVE-2025-71099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl()\n\nIn xe_oa_add_config_ioctl(), we accessed oa_config-\u003eid after dropping\nmetrics_lock. Since this lock protects the lifetime of oa_config, an\nattacker could guess the id and call xe_oa_remove_config_ioctl() with\nperfect timing, freeing oa_config before we dereference it, leading to\na potential use-after-free.\n\nFix this by caching the id in a local variable while holding the lock.\n\nv2: (Matt A)\n- Dropped mutex_unlock(\u0026oa-\u003emetrics_lock) ordering change from\n xe_oa_remove_config_ioctl()\n\n(cherry picked from commit 28aeaed130e8e587fd1b73b6d66ca41ccc5a1a31)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71099",
"url": "https://www.suse.com/security/cve/CVE-2025-71099"
},
{
"category": "external",
"summary": "SUSE Bug 1256592 for CVE-2025-71099",
"url": "https://bugzilla.suse.com/1256592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71099"
},
{
"cve": "CVE-2025-71100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()\n\nTID getting from ieee80211_get_tid() might be out of range of array size\nof sta_entry-\u003etids[], so check TID is less than MAX_TID_COUNT. Othwerwise,\nUBSAN warn:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/realtek/rtlwifi/rtl8192cu/trx.c:514:30\n index 10 is out of range for type \u0027rtl_tid_data [9]\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71100",
"url": "https://www.suse.com/security/cve/CVE-2025-71100"
},
{
"category": "external",
"summary": "SUSE Bug 1256593 for CVE-2025-71100",
"url": "https://bugzilla.suse.com/1256593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71100"
},
{
"cve": "CVE-2025-71101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing\n\nThe hp_populate_*_elements_from_package() functions in the hp-bioscfg\ndriver contain out-of-bounds array access vulnerabilities.\n\nThese functions parse ACPI packages into internal data structures using\na for loop with index variable \u0027elem\u0027 that iterates through\nenum_obj/integer_obj/order_obj/password_obj/string_obj arrays.\n\nWhen processing multi-element fields like PREREQUISITES and\nENUM_POSSIBLE_VALUES, these functions read multiple consecutive array\nelements using expressions like \u0027enum_obj[elem + reqs]\u0027 and\n\u0027enum_obj[elem + pos_values]\u0027 within nested loops.\n\nThe bug is that the bounds check only validated elem, but did not consider\nthe additional offset when accessing elem + reqs or elem + pos_values.\n\nThe fix changes the bounds check to validate the actual accessed index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71101",
"url": "https://www.suse.com/security/cve/CVE-2025-71101"
},
{
"category": "external",
"summary": "SUSE Bug 1256594 for CVE-2025-71101",
"url": "https://bugzilla.suse.com/1256594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71101"
},
{
"cve": "CVE-2025-71108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Handle incorrect num_connectors capability\n\nThe UCSI spec states that the num_connectors field is 7 bits, and the\n8th bit is reserved and should be set to zero.\nSome buggy FW has been known to set this bit, and it can lead to a\nsystem not booting.\nFlag that the FW is not behaving correctly, and auto-fix the value\nso that the system boots correctly.\n\nFound on Lenovo P1 G8 during Linux enablement program. The FW will\nbe fixed, but seemed worth addressing in case it hit platforms that\naren\u0027t officially Linux supported.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71108",
"url": "https://www.suse.com/security/cve/CVE-2025-71108"
},
{
"category": "external",
"summary": "SUSE Bug 1256774 for CVE-2025-71108",
"url": "https://bugzilla.suse.com/1256774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71108"
},
{
"cve": "CVE-2025-71111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83791d) Convert macros to functions to avoid TOCTOU\n\nThe macro FAN_FROM_REG evaluates its arguments multiple times. When used\nin lockless contexts involving shared driver data, this leads to\nTime-of-Check to Time-of-Use (TOCTOU) race conditions, potentially\ncausing divide-by-zero errors.\n\nConvert the macro to a static function. This guarantees that arguments\nare evaluated only once (pass-by-value), preventing the race\nconditions.\n\nAdditionally, in store_fan_div, move the calculation of the minimum\nlimit inside the update lock. This ensures that the read-modify-write\nsequence operates on consistent data.\n\nAdhere to the principle of minimal changes by only converting macros\nthat evaluate arguments multiple times and are used in lockless\ncontexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71111",
"url": "https://www.suse.com/security/cve/CVE-2025-71111"
},
{
"category": "external",
"summary": "SUSE Bug 1256728 for CVE-2025-71111",
"url": "https://bugzilla.suse.com/1256728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71111"
},
{
"cve": "CVE-2025-71112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: add VLAN id validation before using\n\nCurrently, the VLAN id may be used without validation when\nreceive a VLAN configuration mailbox from VF. The length of\nvlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_VID). It may cause\nout-of-bounds memory access once the VLAN id is bigger than\nor equal to VLAN_N_VID.\n\nTherefore, VLAN id needs to be checked to ensure it is within\nthe range of VLAN_N_VID.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71112",
"url": "https://www.suse.com/security/cve/CVE-2025-71112"
},
{
"category": "external",
"summary": "SUSE Bug 1256726 for CVE-2025-71112",
"url": "https://bugzilla.suse.com/1256726"
},
{
"category": "external",
"summary": "SUSE Bug 1256727 for CVE-2025-71112",
"url": "https://bugzilla.suse.com/1256727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-71112"
},
{
"cve": "CVE-2025-71114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvia_wdt: fix critical boot hang due to unnamed resource allocation\n\nThe VIA watchdog driver uses allocate_resource() to reserve a MMIO\nregion for the watchdog control register. However, the allocated\nresource was not given a name, which causes the kernel resource tree\nto contain an entry marked as \"\u003cBAD\u003e\" under /proc/iomem on x86\nplatforms.\n\nDuring boot, this unnamed resource can lead to a critical hang because\nsubsequent resource lookups and conflict checks fail to handle the\ninvalid entry properly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71114",
"url": "https://www.suse.com/security/cve/CVE-2025-71114"
},
{
"category": "external",
"summary": "SUSE Bug 1256752 for CVE-2025-71114",
"url": "https://bugzilla.suse.com/1256752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71114"
},
{
"cve": "CVE-2025-71116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: make decode_pool() more resilient against corrupted osdmaps\n\nIf the osdmap is (maliciously) corrupted such that the encoded length\nof ceph_pg_pool envelope is less than what is expected for a particular\nencoding version, out-of-bounds reads may ensue because the only bounds\ncheck that is there is based on that length value.\n\nThis patch adds explicit bounds checks for each field that is decoded\nor skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71116",
"url": "https://www.suse.com/security/cve/CVE-2025-71116"
},
{
"category": "external",
"summary": "SUSE Bug 1256744 for CVE-2025-71116",
"url": "https://bugzilla.suse.com/1256744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71116"
},
{
"cve": "CVE-2025-71118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Avoid walking the Namespace if start_node is NULL\n\nAlthough commit 0c9992315e73 (\"ACPICA: Avoid walking the ACPI Namespace\nif it is not there\") fixed the situation when both start_node and\nacpi_gbl_root_node are NULL, the Linux kernel mainline now still crashed\non Honor Magicbook 14 Pro [1].\n\nThat happens due to the access to the member of parent_node in\nacpi_ns_get_next_node(). The NULL pointer dereference will always\nhappen, no matter whether or not the start_node is equal to\nACPI_ROOT_OBJECT, so move the check of start_node being NULL\nout of the if block.\n\nUnfortunately, all the attempts to contact Honor have failed, they\nrefused to provide any technical support for Linux.\n\nThe bad DSDT table\u0027s dump could be found on GitHub [2].\n\nDMI: HONOR FMB-P/FMB-P-PCB, BIOS 1.13 05/08/2025\n\n[ rjw: Subject adjustment, changelog edits ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71118",
"url": "https://www.suse.com/security/cve/CVE-2025-71118"
},
{
"category": "external",
"summary": "SUSE Bug 1256763 for CVE-2025-71118",
"url": "https://bugzilla.suse.com/1256763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71118"
},
{
"cve": "CVE-2025-71119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/kexec: Enable SMT before waking offline CPUs\n\nIf SMT is disabled or a partial SMT state is enabled, when a new kernel\nimage is loaded for kexec, on reboot the following warning is observed:\n\nkexec: Waking offline cpu 228.\nWARNING: CPU: 0 PID: 9062 at arch/powerpc/kexec/core_64.c:223 kexec_prepare_cpus+0x1b0/0x1bc\n[snip]\n NIP kexec_prepare_cpus+0x1b0/0x1bc\n LR kexec_prepare_cpus+0x1a0/0x1bc\n Call Trace:\n kexec_prepare_cpus+0x1a0/0x1bc (unreliable)\n default_machine_kexec+0x160/0x19c\n machine_kexec+0x80/0x88\n kernel_kexec+0xd0/0x118\n __do_sys_reboot+0x210/0x2c4\n system_call_exception+0x124/0x320\n system_call_vectored_common+0x15c/0x2ec\n\nThis occurs as add_cpu() fails due to cpu_bootable() returning false for\nCPUs that fail the cpu_smt_thread_allowed() check or non primary\nthreads if SMT is disabled.\n\nFix the issue by enabling SMT and resetting the number of SMT threads to\nthe number of threads per core, before attempting to wake up all present\nCPUs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71119",
"url": "https://www.suse.com/security/cve/CVE-2025-71119"
},
{
"category": "external",
"summary": "SUSE Bug 1256730 for CVE-2025-71119",
"url": "https://bugzilla.suse.com/1256730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71119"
},
{
"cve": "CVE-2025-71120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf\n\nA zero length gss_token results in pages == 0 and in_token-\u003epages[0]\nis NULL. The code unconditionally evaluates\npage_address(in_token-\u003epages[0]) for the initial memcpy, which can\ndereference NULL even when the copy length is 0. Guard the first\nmemcpy so it only runs when length \u003e 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71120",
"url": "https://www.suse.com/security/cve/CVE-2025-71120"
},
{
"category": "external",
"summary": "SUSE Bug 1256779 for CVE-2025-71120",
"url": "https://bugzilla.suse.com/1256779"
},
{
"category": "external",
"summary": "SUSE Bug 1256780 for CVE-2025-71120",
"url": "https://bugzilla.suse.com/1256780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-71120"
},
{
"cve": "CVE-2025-71123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix string copying in parse_apply_sb_mount_options()\n\nstrscpy_pad() can\u0027t be used to copy a non-NUL-term string into a NUL-term\nstring of possibly bigger size. Commit 0efc5990bca5 (\"string.h: Introduce\nmemtostr() and memtostr_pad()\") provides additional information in that\nregard. So if this happens, the following warning is observed:\n\nstrnlen: detected buffer overflow: 65 byte read of buffer size 64\nWARNING: CPU: 0 PID: 28655 at lib/string_helpers.c:1032 __fortify_report+0x96/0xc0 lib/string_helpers.c:1032\nModules linked in:\nCPU: 0 UID: 0 PID: 28655 Comm: syz-executor.3 Not tainted 6.12.54-syzkaller-00144-g5f0270f1ba00 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:__fortify_report+0x96/0xc0 lib/string_helpers.c:1032\nCall Trace:\n \u003cTASK\u003e\n __fortify_panic+0x1f/0x30 lib/string_helpers.c:1039\n strnlen include/linux/fortify-string.h:235 [inline]\n sized_strscpy include/linux/fortify-string.h:309 [inline]\n parse_apply_sb_mount_options fs/ext4/super.c:2504 [inline]\n __ext4_fill_super fs/ext4/super.c:5261 [inline]\n ext4_fill_super+0x3c35/0xad00 fs/ext4/super.c:5706\n get_tree_bdev_flags+0x387/0x620 fs/super.c:1636\n vfs_get_tree+0x93/0x380 fs/super.c:1814\n do_new_mount fs/namespace.c:3553 [inline]\n path_mount+0x6ae/0x1f70 fs/namespace.c:3880\n do_mount fs/namespace.c:3893 [inline]\n __do_sys_mount fs/namespace.c:4103 [inline]\n __se_sys_mount fs/namespace.c:4080 [inline]\n __x64_sys_mount+0x280/0x300 fs/namespace.c:4080\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x64/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSince userspace is expected to provide s_mount_opts field to be at most 63\ncharacters long with the ending byte being NUL-term, use a 64-byte buffer\nwhich matches the size of s_mount_opts, so that strscpy_pad() does its job\nproperly. Return with error if the user still managed to provide a\nnon-NUL-term string here.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71123",
"url": "https://www.suse.com/security/cve/CVE-2025-71123"
},
{
"category": "external",
"summary": "SUSE Bug 1256757 for CVE-2025-71123",
"url": "https://bugzilla.suse.com/1256757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71123"
},
{
"cve": "CVE-2025-71130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer\n\nInitialize the eb.vma array with values of 0 when the eb structure is\nfirst set up. In particular, this sets the eb-\u003evma[i].vma pointers to\nNULL, simplifying cleanup and getting rid of the bug described below.\n\nDuring the execution of eb_lookup_vmas(), the eb-\u003evma array is\nsuccessively filled up with struct eb_vma objects. This process includes\ncalling eb_add_vma(), which might fail; however, even in the event of\nfailure, eb-\u003evma[i].vma is set for the currently processed buffer.\n\nIf eb_add_vma() fails, eb_lookup_vmas() returns with an error, which\nprompts a call to eb_release_vmas() to clean up the mess. Since\neb_lookup_vmas() might fail during processing any (possibly not first)\nbuffer, eb_release_vmas() checks whether a buffer\u0027s vma is NULL to know\nat what point did the lookup function fail.\n\nIn eb_lookup_vmas(), eb-\u003evma[i].vma is set to NULL if either the helper\nfunction eb_lookup_vma() or eb_validate_vma() fails. eb-\u003evma[i+1].vma is\nset to NULL in case i915_gem_object_userptr_submit_init() fails; the\ncurrent one needs to be cleaned up by eb_release_vmas() at this point,\nso the next one is set. If eb_add_vma() fails, neither the current nor\nthe next vma is set to NULL, which is a source of a NULL deref bug\ndescribed in the issue linked in the Closes tag.\n\nWhen entering eb_lookup_vmas(), the vma pointers are set to the slab\npoison value, instead of NULL. This doesn\u0027t matter for the actual\nlookup, since it gets overwritten anyway, however the eb_release_vmas()\nfunction only recognizes NULL as the stopping value, hence the pointers\nare being set to NULL as they go in case of intermediate failure. This\npatch changes the approach to filling them all with NULL at the start\ninstead, rather than handling that manually during failure.\n\n(cherry picked from commit 08889b706d4f0b8d2352b7ca29c2d8df4d0787cd)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71130",
"url": "https://www.suse.com/security/cve/CVE-2025-71130"
},
{
"category": "external",
"summary": "SUSE Bug 1256741 for CVE-2025-71130",
"url": "https://bugzilla.suse.com/1256741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71130"
},
{
"cve": "CVE-2025-71131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: seqiv - Do not use req-\u003eiv after crypto_aead_encrypt\n\nAs soon as crypto_aead_encrypt is called, the underlying request\nmay be freed by an asynchronous completion. Thus dereferencing\nreq-\u003eiv after it returns is invalid.\n\nInstead of checking req-\u003eiv against info, create a new variable\nunaligned_info and use it for that purpose instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71131",
"url": "https://www.suse.com/security/cve/CVE-2025-71131"
},
{
"category": "external",
"summary": "SUSE Bug 1256742 for CVE-2025-71131",
"url": "https://bugzilla.suse.com/1256742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71131"
},
{
"cve": "CVE-2025-71132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71132"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmc91x: fix broken irq-context in PREEMPT_RT\n\nWhen smc91x.c is built with PREEMPT_RT, the following splat occurs\nin FVP_RevC:\n\n[ 13.055000] smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000\n[ 13.062137] BUG: workqueue leaked atomic, lock or RCU: kworker/2:1[106]\n[ 13.062137] preempt=0x00000000 lock=0-\u003e0 RCU=0-\u003e1 workfn=mld_ifc_work\n[ 13.062266] C\n** replaying previous printk message **\n[ 13.062266] CPU: 2 UID: 0 PID: 106 Comm: kworker/2:1 Not tainted 6.18.0-dirty #179 PREEMPT_{RT,(full)}\n[ 13.062353] Hardware name: , BIOS\n[ 13.062382] Workqueue: mld mld_ifc_work\n[ 13.062469] Call trace:\n[ 13.062494] show_stack+0x24/0x40 (C)\n[ 13.062602] __dump_stack+0x28/0x48\n[ 13.062710] dump_stack_lvl+0x7c/0xb0\n[ 13.062818] dump_stack+0x18/0x34\n[ 13.062926] process_scheduled_works+0x294/0x450\n[ 13.063043] worker_thread+0x260/0x3d8\n[ 13.063124] kthread+0x1c4/0x228\n[ 13.063235] ret_from_fork+0x10/0x20\n\nThis happens because smc_special_trylock() disables IRQs even on PREEMPT_RT,\nbut smc_special_unlock() does not restore IRQs on PREEMPT_RT.\nThe reason is that smc_special_unlock() calls spin_unlock_irqrestore(),\nand rcu_read_unlock_bh() in __dev_queue_xmit() cannot invoke\nrcu_read_unlock() through __local_bh_enable_ip() when current-\u003esoftirq_disable_cnt becomes zero.\n\nTo address this issue, replace smc_special_trylock() with spin_trylock_irqsave().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71132",
"url": "https://www.suse.com/security/cve/CVE-2025-71132"
},
{
"category": "external",
"summary": "SUSE Bug 1256737 for CVE-2025-71132",
"url": "https://bugzilla.suse.com/1256737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71132"
},
{
"cve": "CVE-2025-71133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: avoid invalid read in irdma_net_event\n\nirdma_net_event() should not dereference anything from \"neigh\" (alias\n\"ptr\") until it has checked that the event is NETEVENT_NEIGH_UPDATE.\nOther events come with different structures pointed to by \"ptr\" and they\nmay be smaller than struct neighbour.\n\nMove the read of neigh-\u003edev under the NETEVENT_NEIGH_UPDATE case.\n\nThe bug is mostly harmless, but it triggers KASAN on debug kernels:\n\n BUG: KASAN: stack-out-of-bounds in irdma_net_event+0x32e/0x3b0 [irdma]\n Read of size 8 at addr ffffc900075e07f0 by task kworker/27:2/542554\n\n CPU: 27 PID: 542554 Comm: kworker/27:2 Kdump: loaded Not tainted 5.14.0-630.el9.x86_64+debug #1\n Hardware name: [...]\n Workqueue: events rt6_probe_deferred\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x60/0xb0\n print_address_description.constprop.0+0x2c/0x3f0\n print_report+0xb4/0x270\n kasan_report+0x92/0xc0\n irdma_net_event+0x32e/0x3b0 [irdma]\n notifier_call_chain+0x9e/0x180\n atomic_notifier_call_chain+0x5c/0x110\n rt6_do_redirect+0xb91/0x1080\n tcp_v6_err+0xe9b/0x13e0\n icmpv6_notify+0x2b2/0x630\n ndisc_redirect_rcv+0x328/0x530\n icmpv6_rcv+0xc16/0x1360\n ip6_protocol_deliver_rcu+0xb84/0x12e0\n ip6_input_finish+0x117/0x240\n ip6_input+0xc4/0x370\n ipv6_rcv+0x420/0x7d0\n __netif_receive_skb_one_core+0x118/0x1b0\n process_backlog+0xd1/0x5d0\n __napi_poll.constprop.0+0xa3/0x440\n net_rx_action+0x78a/0xba0\n handle_softirqs+0x2d4/0x9c0\n do_softirq+0xad/0xe0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71133",
"url": "https://www.suse.com/security/cve/CVE-2025-71133"
},
{
"category": "external",
"summary": "SUSE Bug 1256733 for CVE-2025-71133",
"url": "https://bugzilla.suse.com/1256733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71133"
},
{
"cve": "CVE-2025-71135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()\n\nThe variable mddev-\u003eprivate is first assigned to conf and then checked:\n\n conf = mddev-\u003eprivate;\n if (!conf) ...\n\nIf conf is NULL, then mddev-\u003eprivate is also NULL. In this case,\nnull-pointer dereferences can occur when calling raid5_quiesce():\n\n raid5_quiesce(mddev, true);\n raid5_quiesce(mddev, false);\n\nsince mddev-\u003eprivate is assigned to conf again in raid5_quiesce(), and conf\nis dereferenced in several places, for example:\n\n conf-\u003equiesce = 0;\n wake_up(\u0026conf-\u003ewait_for_quiescent);\n\nTo fix this issue, the function should unlock mddev and return before\ninvoking raid5_quiesce() when conf is NULL, following the existing pattern\nin raid5_change_consistency_policy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71135",
"url": "https://www.suse.com/security/cve/CVE-2025-71135"
},
{
"category": "external",
"summary": "SUSE Bug 1256761 for CVE-2025-71135",
"url": "https://bugzilla.suse.com/1256761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71135"
},
{
"cve": "CVE-2025-71136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()\n\nIt\u0027s possible for cp_read() and hdmi_read() to return -EIO. Those\nvalues are further used as indexes for accessing arrays.\n\nFix that by checking return values where it\u0027s needed.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71136",
"url": "https://www.suse.com/security/cve/CVE-2025-71136"
},
{
"category": "external",
"summary": "SUSE Bug 1256759 for CVE-2025-71136",
"url": "https://bugzilla.suse.com/1256759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71136"
},
{
"cve": "CVE-2025-71137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71137"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: fix \"UBSAN: shift-out-of-bounds error\"\n\nThis patch ensures that the RX ring size (rx_pending) is not\nset below the permitted length. This avoids UBSAN\nshift-out-of-bounds errors when users passes small or zero\nring sizes via ethtool -G.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71137",
"url": "https://www.suse.com/security/cve/CVE-2025-71137"
},
{
"category": "external",
"summary": "SUSE Bug 1256760 for CVE-2025-71137",
"url": "https://bugzilla.suse.com/1256760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71137"
},
{
"cve": "CVE-2025-71138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add missing NULL pointer check for pingpong interface\n\nIt is checked almost always in dpu_encoder_phys_wb_setup_ctl(), but in a\nsingle place the check is missing.\nAlso use convenient locals instead of phys_enc-\u003e* where available.\n\nPatchwork: https://patchwork.freedesktop.org/patch/693860/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71138",
"url": "https://www.suse.com/security/cve/CVE-2025-71138"
},
{
"category": "external",
"summary": "SUSE Bug 1256785 for CVE-2025-71138",
"url": "https://bugzilla.suse.com/1256785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71138"
},
{
"cve": "CVE-2025-71141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tilcdc: Fix removal actions in case of failed probe\n\nThe drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() helpers\nshould only be called when the device has been successfully registered.\nCurrently, these functions are called unconditionally in tilcdc_fini(),\nwhich causes warnings during probe deferral scenarios.\n\n[ 7.972317] WARNING: CPU: 0 PID: 23 at drivers/gpu/drm/drm_atomic_state_helper.c:175 drm_atomic_helper_crtc_duplicate_state+0x60/0x68\n...\n[ 8.005820] drm_atomic_helper_crtc_duplicate_state from drm_atomic_get_crtc_state+0x68/0x108\n[ 8.005858] drm_atomic_get_crtc_state from drm_atomic_helper_disable_all+0x90/0x1c8\n[ 8.005885] drm_atomic_helper_disable_all from drm_atomic_helper_shutdown+0x90/0x144\n[ 8.005911] drm_atomic_helper_shutdown from tilcdc_fini+0x68/0xf8 [tilcdc]\n[ 8.005957] tilcdc_fini [tilcdc] from tilcdc_pdev_probe+0xb0/0x6d4 [tilcdc]\n\nFix this by rewriting the failed probe cleanup path using the standard\ngoto error handling pattern, which ensures that cleanup functions are\nonly called on successfully initialized resources. Additionally, remove\nthe now-unnecessary is_registered flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71141",
"url": "https://www.suse.com/security/cve/CVE-2025-71141"
},
{
"category": "external",
"summary": "SUSE Bug 1256756 for CVE-2025-71141",
"url": "https://bugzilla.suse.com/1256756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71141"
},
{
"cve": "CVE-2025-71142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpuset: fix warning when disabling remote partition\n\nA warning was triggered as follows:\n\nWARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110\nRIP: 0010:remote_partition_disable+0xf7/0x110\nRSP: 0018:ffffc90001947d88 EFLAGS: 00000206\nRAX: 0000000000007fff RBX: ffff888103b6e000 RCX: 0000000000006f40\nRDX: 0000000000006f00 RSI: ffffc90001947da8 RDI: ffff888103b6e000\nRBP: ffff888103b6e000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: ffff88810b2e2728 R12: ffffc90001947da8\nR13: 0000000000000000 R14: ffffc90001947da8 R15: ffff8881081f1c00\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f55c8bbe0b2 CR3: 000000010b14c000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n update_prstate+0x2d3/0x580\n cpuset_partition_write+0x94/0xf0\n kernfs_fop_write_iter+0x147/0x200\n vfs_write+0x35d/0x500\n ksys_write+0x66/0xe0\n do_syscall_64+0x6b/0x390\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f55c8cd4887\n\nReproduction steps (on a 16-CPU machine):\n\n # cd /sys/fs/cgroup/\n # mkdir A1\n # echo +cpuset \u003e A1/cgroup.subtree_control\n # echo \"0-14\" \u003e A1/cpuset.cpus.exclusive\n # mkdir A1/A2\n # echo \"0-14\" \u003e A1/A2/cpuset.cpus.exclusive\n # echo \"root\" \u003e A1/A2/cpuset.cpus.partition\n # echo 0 \u003e /sys/devices/system/cpu/cpu15/online\n # echo member \u003e A1/A2/cpuset.cpus.partition\n\nWhen CPU 15 is offlined, subpartitions_cpus gets cleared because no CPUs\nremain available for the top_cpuset, forcing partitions to share CPUs with\nthe top_cpuset. In this scenario, disabling the remote partition triggers\na warning stating that effective_xcpus is not a subset of\nsubpartitions_cpus. Partitions should be invalidated in this case to\ninform users that the partition is now invalid(cpus are shared with\ntop_cpuset).\n\nTo fix this issue:\n1. Only emit the warning only if subpartitions_cpus is not empty and the\n effective_xcpus is not a subset of subpartitions_cpus.\n2. During the CPU hotplug process, invalidate partitions if\n subpartitions_cpus is empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71142",
"url": "https://www.suse.com/security/cve/CVE-2025-71142"
},
{
"category": "external",
"summary": "SUSE Bug 1256748 for CVE-2025-71142",
"url": "https://bugzilla.suse.com/1256748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71142"
},
{
"cve": "CVE-2025-71143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: exynos-clkout: Assign .num before accessing .hws\n\nCommit f316cdff8d67 (\"clk: Annotate struct clk_hw_onecell_data with\n__counted_by\") annotated the hws member of \u0027struct clk_hw_onecell_data\u0027\nwith __counted_by, which informs the bounds sanitizer (UBSAN_BOUNDS)\nabout the number of elements in .hws[], so that it can warn when .hws[]\nis accessed out of bounds. As noted in that change, the __counted_by\nmember must be initialized with the number of elements before the first\narray access happens, otherwise there will be a warning from each access\nprior to the initialization because the number of elements is zero. This\noccurs in exynos_clkout_probe() due to .num being assigned after .hws[]\nhas been accessed:\n\n UBSAN: array-index-out-of-bounds in drivers/clk/samsung/clk-exynos-clkout.c:178:18\n index 0 is out of range for type \u0027clk_hw *[*]\u0027\n\nMove the .num initialization to before the first access of .hws[],\nclearing up the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71143",
"url": "https://www.suse.com/security/cve/CVE-2025-71143"
},
{
"category": "external",
"summary": "SUSE Bug 1256749 for CVE-2025-71143",
"url": "https://bugzilla.suse.com/1256749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71143"
},
{
"cve": "CVE-2025-71145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: phy: isp1301: fix non-OF device reference imbalance\n\nA recent change fixing a device reference leak in a UDC driver\nintroduced a potential use-after-free in the non-OF case as the\nisp1301_get_client() helper only increases the reference count for the\nreturned I2C device in the OF case.\n\nIncrement the reference count also for non-OF so that the caller can\ndecrement it unconditionally.\n\nNote that this is inherently racy just as using the returned I2C device\nis since nothing is preventing the PHY driver from being unbound while\nin use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71145",
"url": "https://www.suse.com/security/cve/CVE-2025-71145"
},
{
"category": "external",
"summary": "SUSE Bug 1257155 for CVE-2025-71145",
"url": "https://bugzilla.suse.com/1257155"
},
{
"category": "external",
"summary": "SUSE Bug 1257156 for CVE-2025-71145",
"url": "https://bugzilla.suse.com/1257156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2025-71145"
},
{
"cve": "CVE-2025-71147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Fix a memory leak in tpm2_load_cmd\n\n\u0027tpm2_load_cmd\u0027 allocates a tempoary blob indirectly via \u0027tpm2_key_decode\u0027\nbut it is not freed in the failure paths. Address this by wrapping the blob\ninto with a cleanup helper.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71147",
"url": "https://www.suse.com/security/cve/CVE-2025-71147"
},
{
"category": "external",
"summary": "SUSE Bug 1257158 for CVE-2025-71147",
"url": "https://bugzilla.suse.com/1257158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71147"
},
{
"cve": "CVE-2025-71149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/poll: correctly handle io_poll_add() return value on update\n\nWhen the core of io_uring was updated to handle completions\nconsistently and with fixed return codes, the POLL_REMOVE opcode\nwith updates got slightly broken. If a POLL_ADD is pending and\nthen POLL_REMOVE is used to update the events of that request, if that\nupdate causes the POLL_ADD to now trigger, then that completion is lost\nand a CQE is never posted.\n\nAdditionally, ensure that if an update does cause an existing POLL_ADD\nto complete, that the completion value isn\u0027t always overwritten with\n-ECANCELED. For that case, whatever io_poll_add() set the value to\nshould just be retained.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71149",
"url": "https://www.suse.com/security/cve/CVE-2025-71149"
},
{
"category": "external",
"summary": "SUSE Bug 1257164 for CVE-2025-71149",
"url": "https://bugzilla.suse.com/1257164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71149"
},
{
"cve": "CVE-2025-71154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: fix memory leak on usb_submit_urb() failure\n\nIn async_set_registers(), when usb_submit_urb() fails, the allocated\n async_req structure and URB are not freed, causing a memory leak.\n\n The completion callback async_set_reg_cb() is responsible for freeing\n these allocations, but it is only called after the URB is successfully\n submitted and completes (successfully or with error). If submission\n fails, the callback never runs and the memory is leaked.\n\n Fix this by freeing both the URB and the request structure in the error\n path when usb_submit_urb() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71154",
"url": "https://www.suse.com/security/cve/CVE-2025-71154"
},
{
"category": "external",
"summary": "SUSE Bug 1257163 for CVE-2025-71154",
"url": "https://bugzilla.suse.com/1257163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71154"
},
{
"cve": "CVE-2025-71156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: defer interrupt enabling until NAPI registration\n\nCurrently, interrupts are automatically enabled immediately upon\nrequest. This allows interrupt to fire before the associated NAPI\ncontext is fully initialized and cause failures like below:\n\n[ 0.946369] Call Trace:\n[ 0.946369] \u003cIRQ\u003e\n[ 0.946369] __napi_poll+0x2a/0x1e0\n[ 0.946369] net_rx_action+0x2f9/0x3f0\n[ 0.946369] handle_softirqs+0xd6/0x2c0\n[ 0.946369] ? handle_edge_irq+0xc1/0x1b0\n[ 0.946369] __irq_exit_rcu+0xc3/0xe0\n[ 0.946369] common_interrupt+0x81/0xa0\n[ 0.946369] \u003c/IRQ\u003e\n[ 0.946369] \u003cTASK\u003e\n[ 0.946369] asm_common_interrupt+0x22/0x40\n[ 0.946369] RIP: 0010:pv_native_safe_halt+0xb/0x10\n\nUse the `IRQF_NO_AUTOEN` flag when requesting interrupts to prevent auto\nenablement and explicitly enable the interrupt in NAPI initialization\npath (and disable it during NAPI teardown).\n\nThis ensures that interrupt lifecycle is strictly coupled with\nreadiness of NAPI context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71156",
"url": "https://www.suse.com/security/cve/CVE-2025-71156"
},
{
"category": "external",
"summary": "SUSE Bug 1257167 for CVE-2025-71156",
"url": "https://bugzilla.suse.com/1257167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71156"
},
{
"cve": "CVE-2025-71157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: always drop device refcount in ib_del_sub_device_and_put()\n\nSince nldev_deldev() (introduced by commit 060c642b2ab8 (\"RDMA/nldev: Add\nsupport to add/delete a sub IB device through netlink\") grabs a reference\nusing ib_device_get_by_index() before calling ib_del_sub_device_and_put(),\nwe need to drop that reference before returning -EOPNOTSUPP error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71157",
"url": "https://www.suse.com/security/cve/CVE-2025-71157"
},
{
"category": "external",
"summary": "SUSE Bug 1257168 for CVE-2025-71157",
"url": "https://bugzilla.suse.com/1257168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71157"
},
{
"cve": "CVE-2025-71162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: tegra-adma: Fix use-after-free\n\nA use-after-free bug exists in the Tegra ADMA driver when audio streams\nare terminated, particularly during XRUN conditions. The issue occurs\nwhen the DMA buffer is freed by tegra_adma_terminate_all() before the\nvchan completion tasklet finishes accessing it.\n\nThe race condition follows this sequence:\n\n 1. DMA transfer completes, triggering an interrupt that schedules the\n completion tasklet (tasklet has not executed yet)\n 2. Audio playback stops, calling tegra_adma_terminate_all() which\n frees the DMA buffer memory via kfree()\n 3. The scheduled tasklet finally executes, calling vchan_complete()\n which attempts to access the already-freed memory\n\nSince tasklets can execute at any time after being scheduled, there is\nno guarantee that the buffer will remain valid when vchan_complete()\nruns.\n\nFix this by properly synchronizing the virtual channel completion:\n - Calling vchan_terminate_vdesc() in tegra_adma_stop() to mark the\n descriptors as terminated instead of freeing the descriptor.\n - Add the callback tegra_adma_synchronize() that calls\n vchan_synchronize() which kills any pending tasklets and frees any\n terminated descriptors.\n\nCrash logs:\n[ 337.427523] BUG: KASAN: use-after-free in vchan_complete+0x124/0x3b0\n[ 337.427544] Read of size 8 at addr ffff000132055428 by task swapper/0/0\n\n[ 337.427562] Call trace:\n[ 337.427564] dump_backtrace+0x0/0x320\n[ 337.427571] show_stack+0x20/0x30\n[ 337.427575] dump_stack_lvl+0x68/0x84\n[ 337.427584] print_address_description.constprop.0+0x74/0x2b8\n[ 337.427590] kasan_report+0x1f4/0x210\n[ 337.427598] __asan_load8+0xa0/0xd0\n[ 337.427603] vchan_complete+0x124/0x3b0\n[ 337.427609] tasklet_action_common.constprop.0+0x190/0x1d0\n[ 337.427617] tasklet_action+0x30/0x40\n[ 337.427623] __do_softirq+0x1a0/0x5c4\n[ 337.427628] irq_exit+0x110/0x140\n[ 337.427633] handle_domain_irq+0xa4/0xe0\n[ 337.427640] gic_handle_irq+0x64/0x160\n[ 337.427644] call_on_irq_stack+0x20/0x4c\n[ 337.427649] do_interrupt_handler+0x7c/0x90\n[ 337.427654] el1_interrupt+0x30/0x80\n[ 337.427659] el1h_64_irq_handler+0x18/0x30\n[ 337.427663] el1h_64_irq+0x7c/0x80\n[ 337.427667] cpuidle_enter_state+0xe4/0x540\n[ 337.427674] cpuidle_enter+0x54/0x80\n[ 337.427679] do_idle+0x2e0/0x380\n[ 337.427685] cpu_startup_entry+0x2c/0x70\n[ 337.427690] rest_init+0x114/0x130\n[ 337.427695] arch_call_rest_init+0x18/0x24\n[ 337.427702] start_kernel+0x380/0x3b4\n[ 337.427706] __primary_switched+0xc0/0xc8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71162",
"url": "https://www.suse.com/security/cve/CVE-2025-71162"
},
{
"category": "external",
"summary": "SUSE Bug 1257204 for CVE-2025-71162",
"url": "https://bugzilla.suse.com/1257204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71162"
},
{
"cve": "CVE-2025-71163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix device leaks on compat bind and unbind\n\nMake sure to drop the reference taken when looking up the idxd device as\npart of the compat bind and unbind sysfs interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71163",
"url": "https://www.suse.com/security/cve/CVE-2025-71163"
},
{
"category": "external",
"summary": "SUSE Bug 1257215 for CVE-2025-71163",
"url": "https://bugzilla.suse.com/1257215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-71163"
},
{
"cve": "CVE-2026-22976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22976"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset\n\n`qfq_class-\u003eleaf_qdisc-\u003eq.qlen \u003e 0` does not imply that the class\nitself is active.\n\nTwo qfq_class objects may point to the same leaf_qdisc. This happens\nwhen:\n\n1. one QFQ qdisc is attached to the dev as the root qdisc, and\n\n2. another QFQ qdisc is temporarily referenced (e.g., via qdisc_get()\n/ qdisc_put()) and is pending to be destroyed, as in function\ntc_new_tfilter.\n\nWhen packets are enqueued through the root QFQ qdisc, the shared\nleaf_qdisc-\u003eq.qlen increases. At the same time, the second QFQ\nqdisc triggers qdisc_put and qdisc_destroy: the qdisc enters\nqfq_reset() with its own q-\u003eq.qlen == 0, but its class\u0027s leaf\nqdisc-\u003eq.qlen \u003e 0. Therefore, the qfq_reset would wrongly deactivate\nan inactive aggregate and trigger a null-deref in qfq_deactivate_agg:\n\n[ 0.903172] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 0.903571] #PF: supervisor write access in kernel mode\n[ 0.903860] #PF: error_code(0x0002) - not-present page\n[ 0.904177] PGD 10299b067 P4D 10299b067 PUD 10299c067 PMD 0\n[ 0.904502] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 0.904737] CPU: 0 UID: 0 PID: 135 Comm: exploit Not tainted 6.19.0-rc3+ #2 NONE\n[ 0.905157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014\n[ 0.905754] RIP: 0010:qfq_deactivate_agg (include/linux/list.h:992 (discriminator 2) include/linux/list.h:1006 (discriminator 2) net/sched/sch_qfq.c:1367 (discriminator 2) net/sched/sch_qfq.c:1393 (discriminator 2))\n[ 0.906046] Code: 0f 84 4d 01 00 00 48 89 70 18 8b 4b 10 48 c7 c2 ff ff ff ff 48 8b 78 08 48 d3 e2 48 21 f2 48 2b 13 48 8b 30 48 d3 ea 8b 4b 18 0\n\nCode starting with the faulting instruction\n===========================================\n 0:\t0f 84 4d 01 00 00 \tje 0x153\n 6:\t48 89 70 18 \tmov %rsi,0x18(%rax)\n a:\t8b 4b 10 \tmov 0x10(%rbx),%ecx\n d:\t48 c7 c2 ff ff ff ff \tmov $0xffffffffffffffff,%rdx\n 14:\t48 8b 78 08 \tmov 0x8(%rax),%rdi\n 18:\t48 d3 e2 \tshl %cl,%rdx\n 1b:\t48 21 f2 \tand %rsi,%rdx\n 1e:\t48 2b 13 \tsub (%rbx),%rdx\n 21:\t48 8b 30 \tmov (%rax),%rsi\n 24:\t48 d3 ea \tshr %cl,%rdx\n 27:\t8b 4b 18 \tmov 0x18(%rbx),%ecx\n\t...\n[ 0.907095] RSP: 0018:ffffc900004a39a0 EFLAGS: 00010246\n[ 0.907368] RAX: ffff8881043a0880 RBX: ffff888102953340 RCX: 0000000000000000\n[ 0.907723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n[ 0.908100] RBP: ffff888102952180 R08: 0000000000000000 R09: 0000000000000000\n[ 0.908451] R10: ffff8881043a0000 R11: 0000000000000000 R12: ffff888102952000\n[ 0.908804] R13: ffff888102952180 R14: ffff8881043a0ad8 R15: ffff8881043a0880\n[ 0.909179] FS: 000000002a1a0380(0000) GS:ffff888196d8d000(0000) knlGS:0000000000000000\n[ 0.909572] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 0.909857] CR2: 0000000000000000 CR3: 0000000102993002 CR4: 0000000000772ef0\n[ 0.910247] PKRU: 55555554\n[ 0.910391] Call Trace:\n[ 0.910527] \u003cTASK\u003e\n[ 0.910638] qfq_reset_qdisc (net/sched/sch_qfq.c:357 net/sched/sch_qfq.c:1485)\n[ 0.910826] qdisc_reset (include/linux/skbuff.h:2195 include/linux/skbuff.h:2501 include/linux/skbuff.h:3424 include/linux/skbuff.h:3430 net/sched/sch_generic.c:1036)\n[ 0.911040] __qdisc_destroy (net/sched/sch_generic.c:1076)\n[ 0.911236] tc_new_tfilter (net/sched/cls_api.c:2447)\n[ 0.911447] rtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\n[ 0.911663] ? __pfx_rtnetlink_rcv_msg (net/core/rtnetlink.c:6861)\n[ 0.911894] netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n[ 0.912100] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\n[ 0.912296] ? __alloc_skb (net/core/skbuff.c:706)\n[ 0.912484] netlink_sendmsg (net/netlink/af\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22976",
"url": "https://www.suse.com/security/cve/CVE-2026-22976"
},
{
"category": "external",
"summary": "SUSE Bug 1257035 for CVE-2026-22976",
"url": "https://bugzilla.suse.com/1257035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22976"
},
{
"cve": "CVE-2026-22977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sock: fix hardened usercopy panic in sock_recv_errqueue\n\nskbuff_fclone_cache was created without defining a usercopy region,\n[1] unlike skbuff_head_cache which properly whitelists the cb[] field.\n[2] This causes a usercopy BUG() when CONFIG_HARDENED_USERCOPY is\nenabled and the kernel attempts to copy sk_buff.cb data to userspace\nvia sock_recv_errqueue() -\u003e put_cmsg().\n\nThe crash occurs when: 1. TCP allocates an skb using alloc_skb_fclone()\n (from skbuff_fclone_cache) [1]\n2. The skb is cloned via skb_clone() using the pre-allocated fclone\n[3] 3. The cloned skb is queued to sk_error_queue for timestamp\nreporting 4. Userspace reads the error queue via recvmsg(MSG_ERRQUEUE)\n5. sock_recv_errqueue() calls put_cmsg() to copy serr-\u003eee from skb-\u003ecb\n[4] 6. __check_heap_object() fails because skbuff_fclone_cache has no\n usercopy whitelist [5]\n\nWhen cloned skbs allocated from skbuff_fclone_cache are used in the\nsocket error queue, accessing the sock_exterr_skb structure in skb-\u003ecb\nvia put_cmsg() triggers a usercopy hardening violation:\n\n[ 5.379589] usercopy: Kernel memory exposure attempt detected from SLUB object \u0027skbuff_fclone_cache\u0027 (offset 296, size 16)!\n[ 5.382796] kernel BUG at mm/usercopy.c:102!\n[ 5.383923] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n[ 5.384903] CPU: 1 UID: 0 PID: 138 Comm: poc_put_cmsg Not tainted 6.12.57 #7\n[ 5.384903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 5.384903] RIP: 0010:usercopy_abort+0x6c/0x80\n[ 5.384903] Code: 1a 86 51 48 c7 c2 40 15 1a 86 41 52 48 c7 c7 c0 15 1a 86 48 0f 45 d6 48 c7 c6 80 15 1a 86 48 89 c1 49 0f 45 f3 e8 84 27 88 ff \u003c0f\u003e 0b 490\n[ 5.384903] RSP: 0018:ffffc900006f77a8 EFLAGS: 00010246\n[ 5.384903] RAX: 000000000000006f RBX: ffff88800f0ad2a8 RCX: 1ffffffff0f72e74\n[ 5.384903] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff87b973a0\n[ 5.384903] RBP: 0000000000000010 R08: 0000000000000000 R09: fffffbfff0f72e74\n[ 5.384903] R10: 0000000000000003 R11: 79706f6372657375 R12: 0000000000000001\n[ 5.384903] R13: ffff88800f0ad2b8 R14: ffffea00003c2b40 R15: ffffea00003c2b00\n[ 5.384903] FS: 0000000011bc4380(0000) GS:ffff8880bf100000(0000) knlGS:0000000000000000\n[ 5.384903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 5.384903] CR2: 000056aa3b8e5fe4 CR3: 000000000ea26004 CR4: 0000000000770ef0\n[ 5.384903] PKRU: 55555554\n[ 5.384903] Call Trace:\n[ 5.384903] \u003cTASK\u003e\n[ 5.384903] __check_heap_object+0x9a/0xd0\n[ 5.384903] __check_object_size+0x46c/0x690\n[ 5.384903] put_cmsg+0x129/0x5e0\n[ 5.384903] sock_recv_errqueue+0x22f/0x380\n[ 5.384903] tls_sw_recvmsg+0x7ed/0x1960\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? schedule+0x6d/0x270\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? mutex_unlock+0x81/0xd0\n[ 5.384903] ? __pfx_mutex_unlock+0x10/0x10\n[ 5.384903] ? __pfx_tls_sw_recvmsg+0x10/0x10\n[ 5.384903] ? _raw_spin_lock_irqsave+0x8f/0xf0\n[ 5.384903] ? _raw_read_unlock_irqrestore+0x20/0x40\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n\nThe crash offset 296 corresponds to skb2-\u003ecb within skbuff_fclones:\n - sizeof(struct sk_buff) = 232 - offsetof(struct sk_buff, cb) = 40 -\n offset of skb2.cb in fclones = 232 + 40 = 272 - crash offset 296 =\n 272 + 24 (inside sock_exterr_skb.ee)\n\nThis patch uses a local stack variable as a bounce buffer to avoid the hardened usercopy check failure.\n\n[1] https://elixir.bootlin.com/linux/v6.12.62/source/net/ipv4/tcp.c#L885\n[2] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5104\n[3] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5566\n[4] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5491\n[5] https://elixir.bootlin.com/linux/v6.12.62/source/mm/slub.c#L5719",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22977",
"url": "https://www.suse.com/security/cve/CVE-2026-22977"
},
{
"category": "external",
"summary": "SUSE Bug 1257053 for CVE-2026-22977",
"url": "https://bugzilla.suse.com/1257053"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22977"
},
{
"cve": "CVE-2026-22978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: avoid kernel-infoleak from struct iw_point\n\nstruct iw_point has a 32bit hole on 64bit arches.\n\nstruct iw_point {\n void __user *pointer; /* Pointer to the data (in user space) */\n __u16 length; /* number of fields or size in bytes */\n __u16 flags; /* Optional params */\n};\n\nMake sure to zero the structure to avoid disclosing 32bits of kernel data\nto user space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22978",
"url": "https://www.suse.com/security/cve/CVE-2026-22978"
},
{
"category": "external",
"summary": "SUSE Bug 1257227 for CVE-2026-22978",
"url": "https://bugzilla.suse.com/1257227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22978"
},
{
"cve": "CVE-2026-22984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in handle_auth_done()\n\nPerform an explicit bounds check on payload_len to avoid a possible\nout-of-bounds access in the callout.\n\n[ idryomov: changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22984",
"url": "https://www.suse.com/security/cve/CVE-2026-22984"
},
{
"category": "external",
"summary": "SUSE Bug 1257217 for CVE-2026-22984",
"url": "https://bugzilla.suse.com/1257217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22984"
},
{
"cve": "CVE-2026-22985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: Fix RSS LUT NULL pointer crash on early ethtool operations\n\nThe RSS LUT is not initialized until the interface comes up, causing\nthe following NULL pointer crash when ethtool operations like rxhash on/off\nare performed before the interface is brought up for the first time.\n\nMove RSS LUT initialization from ndo_open to vport creation to ensure LUT\nis always available. This enables RSS configuration via ethtool before\nbringing the interface up. Simplify LUT management by maintaining all\nchanges in the driver\u0027s soft copy and programming zeros to the indirection\ntable when rxhash is disabled. Defer HW programming until the interface\ncomes up if it is down during rxhash and LUT configuration changes.\n\nSteps to reproduce:\n** Load idpf driver; interfaces will be created\n\tmodprobe idpf\n** Before bringing the interfaces up, turn rxhash off\n\tethtool -K eth2 rxhash off\n\n[89408.371875] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[89408.371908] #PF: supervisor read access in kernel mode\n[89408.371924] #PF: error_code(0x0000) - not-present page\n[89408.371940] PGD 0 P4D 0\n[89408.371953] Oops: Oops: 0000 [#1] SMP NOPTI\n\u003csnip\u003e\n[89408.372052] RIP: 0010:memcpy_orig+0x16/0x130\n[89408.372310] Call Trace:\n[89408.372317] \u003cTASK\u003e\n[89408.372326] ? idpf_set_features+0xfc/0x180 [idpf]\n[89408.372363] __netdev_update_features+0x295/0xde0\n[89408.372384] ethnl_set_features+0x15e/0x460\n[89408.372406] genl_family_rcv_msg_doit+0x11f/0x180\n[89408.372429] genl_rcv_msg+0x1ad/0x2b0\n[89408.372446] ? __pfx_ethnl_set_features+0x10/0x10\n[89408.372465] ? __pfx_genl_rcv_msg+0x10/0x10\n[89408.372482] netlink_rcv_skb+0x58/0x100\n[89408.372502] genl_rcv+0x2c/0x50\n[89408.372516] netlink_unicast+0x289/0x3e0\n[89408.372533] netlink_sendmsg+0x215/0x440\n[89408.372551] __sys_sendto+0x234/0x240\n[89408.372571] __x64_sys_sendto+0x28/0x30\n[89408.372585] x64_sys_call+0x1909/0x1da0\n[89408.372604] do_syscall_64+0x7a/0xfa0\n[89408.373140] ? clear_bhb_loop+0x60/0xb0\n[89408.373647] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[89408.378887] \u003c/TASK\u003e\n\u003csnip\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22985",
"url": "https://www.suse.com/security/cve/CVE-2026-22985"
},
{
"category": "external",
"summary": "SUSE Bug 1257277 for CVE-2026-22985",
"url": "https://bugzilla.suse.com/1257277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22985"
},
{
"cve": "CVE-2026-22988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: do not assume dev_hard_header() does not change skb-\u003ehead\n\narp_create() is the only dev_hard_header() caller\nmaking assumption about skb-\u003ehead being unchanged.\n\nA recent commit broke this assumption.\n\nInitialize @arp pointer after dev_hard_header() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22988",
"url": "https://www.suse.com/security/cve/CVE-2026-22988"
},
{
"category": "external",
"summary": "SUSE Bug 1257282 for CVE-2026-22988",
"url": "https://bugzilla.suse.com/1257282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22988"
},
{
"cve": "CVE-2026-22990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: replace overzealous BUG_ON in osdmap_apply_incremental()\n\nIf the osdmap is (maliciously) corrupted such that the incremental\nosdmap epoch is different from what is expected, there is no need to\nBUG. Instead, just declare the incremental osdmap to be invalid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22990",
"url": "https://www.suse.com/security/cve/CVE-2026-22990"
},
{
"category": "external",
"summary": "SUSE Bug 1257221 for CVE-2026-22990",
"url": "https://bugzilla.suse.com/1257221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22990"
},
{
"cve": "CVE-2026-22991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: make free_choose_arg_map() resilient to partial allocation\n\nfree_choose_arg_map() may dereference a NULL pointer if its caller fails\nafter a partial allocation.\n\nFor example, in decode_choose_args(), if allocation of arg_map-\u003eargs\nfails, execution jumps to the fail label and free_choose_arg_map() is\ncalled. Since arg_map-\u003esize is updated to a non-zero value before memory\nallocation, free_choose_arg_map() will iterate over arg_map-\u003eargs and\ndereference a NULL pointer.\n\nTo prevent this potential NULL pointer dereference and make\nfree_choose_arg_map() more resilient, add checks for pointers before\niterating.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22991",
"url": "https://www.suse.com/security/cve/CVE-2026-22991"
},
{
"category": "external",
"summary": "SUSE Bug 1257220 for CVE-2026-22991",
"url": "https://bugzilla.suse.com/1257220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22991"
},
{
"cve": "CVE-2026-22992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: return the handler error from mon_handle_auth_done()\n\nCurrently any error from ceph_auth_handle_reply_done() is propagated\nvia finish_auth() but isn\u0027t returned from mon_handle_auth_done(). This\nresults in higher layers learning that (despite the monitor considering\nus to be successfully authenticated) something went wrong in the\nauthentication phase and reacting accordingly, but msgr2 still trying\nto proceed with establishing the session in the background. In the\ncase of secure mode this can trigger a WARN in setup_crypto() and later\nlead to a NULL pointer dereference inside of prepare_auth_signature().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22992",
"url": "https://www.suse.com/security/cve/CVE-2026-22992"
},
{
"category": "external",
"summary": "SUSE Bug 1257218 for CVE-2026-22992",
"url": "https://bugzilla.suse.com/1257218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22992"
},
{
"cve": "CVE-2026-22993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: Fix RSS LUT NULL ptr issue after soft reset\n\nDuring soft reset, the RSS LUT is freed and not restored unless the\ninterface is up. If an ethtool command that accesses the rss lut is\nattempted immediately after reset, it will result in NULL ptr\ndereference. Also, there is no need to reset the rss lut if the soft reset\ndoes not involve queue count change.\n\nAfter soft reset, set the RSS LUT to default values based on the updated\nqueue count only if the reset was a result of a queue count change and\nthe LUT was not configured by the user. In all other cases, don\u0027t touch\nthe LUT.\n\nSteps to reproduce:\n\n** Bring the interface down (if up)\nifconfig eth1 down\n\n** update the queue count (eg., 27-\u003e20)\nethtool -L eth1 combined 20\n\n** display the RSS LUT\nethtool -x eth1\n\n[82375.558338] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[82375.558373] #PF: supervisor read access in kernel mode\n[82375.558391] #PF: error_code(0x0000) - not-present page\n[82375.558408] PGD 0 P4D 0\n[82375.558421] Oops: Oops: 0000 [#1] SMP NOPTI\n\u003csnip\u003e\n[82375.558516] RIP: 0010:idpf_get_rxfh+0x108/0x150 [idpf]\n[82375.558786] Call Trace:\n[82375.558793] \u003cTASK\u003e\n[82375.558804] rss_prepare.isra.0+0x187/0x2a0\n[82375.558827] rss_prepare_data+0x3a/0x50\n[82375.558845] ethnl_default_doit+0x13d/0x3e0\n[82375.558863] genl_family_rcv_msg_doit+0x11f/0x180\n[82375.558886] genl_rcv_msg+0x1ad/0x2b0\n[82375.558902] ? __pfx_ethnl_default_doit+0x10/0x10\n[82375.558920] ? __pfx_genl_rcv_msg+0x10/0x10\n[82375.558937] netlink_rcv_skb+0x58/0x100\n[82375.558957] genl_rcv+0x2c/0x50\n[82375.558971] netlink_unicast+0x289/0x3e0\n[82375.558988] netlink_sendmsg+0x215/0x440\n[82375.559005] __sys_sendto+0x234/0x240\n[82375.559555] __x64_sys_sendto+0x28/0x30\n[82375.560068] x64_sys_call+0x1909/0x1da0\n[82375.560576] do_syscall_64+0x7a/0xfa0\n[82375.561076] ? clear_bhb_loop+0x60/0xb0\n[82375.561567] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003csnip\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22993",
"url": "https://www.suse.com/security/cve/CVE-2026-22993"
},
{
"category": "external",
"summary": "SUSE Bug 1257180 for CVE-2026-22993",
"url": "https://bugzilla.suse.com/1257180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22993"
},
{
"cve": "CVE-2026-22996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Don\u0027t store mlx5e_priv in mlx5e_dev devlink priv\n\nmlx5e_priv is an unstable structure that can be memset(0) if profile\nattaching fails, mlx5e_priv in mlx5e_dev devlink private is used to\nreference the netdev and mdev associated with that struct. Instead,\nstore netdev directly into mlx5e_dev and get mdev from the containing\nmlx5_adev aux device structure.\n\nThis fixes a kernel oops in mlx5e_remove when switchdev mode fails due\nto change profile failure.\n\n$ devlink dev eswitch set pci/0000:00:03.0 mode switchdev\nError: mlx5_core: Failed setting eswitch to offloads.\ndmesg:\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: new profile init failed, -12\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\n\n$ devlink dev reload pci/0000:00:03.0 ==\u003e oops\n\nBUG: kernel NULL pointer dereference, address: 0000000000000520\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 3 UID: 0 PID: 521 Comm: devlink Not tainted 6.18.0-rc5+ #117 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nRIP: 0010:mlx5e_remove+0x68/0x130\nRSP: 0018:ffffc900034838f0 EFLAGS: 00010246\nRAX: ffff88810283c380 RBX: ffff888101874400 RCX: ffffffff826ffc45\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffff888102d789c0 R08: ffff8881007137f0 R09: ffff888100264e10\nR10: ffffc90003483898 R11: ffffc900034838a0 R12: ffff888100d261a0\nR13: ffff888100d261a0 R14: ffff8881018749a0 R15: ffff888101874400\nFS: 00007f8565fea740(0000) GS:ffff88856a759000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000520 CR3: 000000010b11a004 CR4: 0000000000370ef0\nCall Trace:\n \u003cTASK\u003e\n device_release_driver_internal+0x19c/0x200\n bus_remove_device+0xc6/0x130\n device_del+0x160/0x3d0\n ? devl_param_driverinit_value_get+0x2d/0x90\n mlx5_detach_device+0x89/0xe0\n mlx5_unload_one_devl_locked+0x3a/0x70\n mlx5_devlink_reload_down+0xc8/0x220\n devlink_reload+0x7d/0x260\n devlink_nl_reload_doit+0x45b/0x5a0\n genl_family_rcv_msg_doit+0xe8/0x140",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22996",
"url": "https://www.suse.com/security/cve/CVE-2026-22996"
},
{
"category": "external",
"summary": "SUSE Bug 1257203 for CVE-2026-22996",
"url": "https://bugzilla.suse.com/1257203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22996"
},
{
"cve": "CVE-2026-22997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts\n\nSince j1939_session_deactivate_activate_next() in j1939_tp_rxtimer() is\ncalled only when the timer is enabled, we need to call\nj1939_session_deactivate_activate_next() if we cancelled the timer.\nOtherwise, refcount for j1939_session leaks, which will later appear as\n\n| unregister_netdevice: waiting for vcan0 to become free. Usage count = 2.\n\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22997",
"url": "https://www.suse.com/security/cve/CVE-2026-22997"
},
{
"category": "external",
"summary": "SUSE Bug 1257202 for CVE-2026-22997",
"url": "https://bugzilla.suse.com/1257202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-22997"
},
{
"cve": "CVE-2026-22999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: do not free existing class in qfq_change_class()\n\nFixes qfq_change_class() error case.\n\ncl-\u003eqdisc and cl should only be freed if a new class and qdisc\nwere allocated, or we risk various UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22999",
"url": "https://www.suse.com/security/cve/CVE-2026-22999"
},
{
"category": "external",
"summary": "SUSE Bug 1257236 for CVE-2026-22999",
"url": "https://bugzilla.suse.com/1257236"
},
{
"category": "external",
"summary": "SUSE Bug 1257238 for CVE-2026-22999",
"url": "https://bugzilla.suse.com/1257238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2026-22999"
},
{
"cve": "CVE-2026-23000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix crash on profile change rollback failure\n\nmlx5e_netdev_change_profile can fail to attach a new profile and can\nfail to rollback to old profile, in such case, we could end up with a\ndangling netdev with a fully reset netdev_priv. A retry to change\nprofile, e.g. another attempt to call mlx5e_netdev_change_profile via\nswitchdev mode change, will crash trying to access the now NULL\npriv-\u003emdev.\n\nThis fix allows mlx5e_netdev_change_profile() to handle previous\nfailures and an empty priv, by not assuming priv is valid.\n\nPass netdev and mdev to all flows requiring\nmlx5e_netdev_change_profile() and avoid passing priv.\nIn mlx5e_netdev_change_profile() check if current priv is valid, and if\nnot, just attach the new profile without trying to access the old one.\n\nThis fixes the following oops, when enabling switchdev mode for the 2nd\ntime after first time failure:\n\n ## Enabling switchdev mode first time:\n\nmlx5_core 0012:03:00.1: E-Switch: Supported tc chains and prios offload\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: new profile init failed, -12\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\n ^^^^^^^^\nmlx5_core 0000:00:03.0: E-Switch: Disable: mode(LEGACY), nvfs(0), necvfs(0), active vports(0)\n\n ## retry: Enabling switchdev mode 2nd time:\n\nmlx5_core 0000:00:03.0: E-Switch: Supported tc chains and prios offload\nBUG: kernel NULL pointer dereference, address: 0000000000000038\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 13 UID: 0 PID: 520 Comm: devlink Not tainted 6.18.0-rc4+ #91 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nRIP: 0010:mlx5e_detach_netdev+0x3c/0x90\nCode: 50 00 00 f0 80 4f 78 02 48 8b bf e8 07 00 00 48 85 ff 74 16 48 8b 73 78 48 d1 ee 83 e6 01 83 f6 01 40 0f b6 f6 e8 c4 42 00 00 \u003c48\u003e 8b 45 38 48 85 c0 74 08 48 89 df e8 cc 47 40 1e 48 8b bb f0 07\nRSP: 0018:ffffc90000673890 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff8881036a89c0 RCX: 0000000000000000\nRDX: ffff888113f63800 RSI: ffffffff822fe720 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000002dcd R09: 0000000000000000\nR10: ffffc900006738e8 R11: 00000000ffffffff R12: 0000000000000000\nR13: 0000000000000000 R14: ffff8881036a89c0 R15: 0000000000000000\nFS: 00007fdfb8384740(0000) GS:ffff88856a9d6000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000038 CR3: 0000000112ae0005 CR4: 0000000000370ef0\nCall Trace:\n \u003cTASK\u003e\n mlx5e_netdev_change_profile+0x45/0xb0\n mlx5e_vport_rep_load+0x27b/0x2d0\n mlx5_esw_offloads_rep_load+0x72/0xf0\n esw_offloads_enable+0x5d0/0x970\n mlx5_eswitch_enable_locked+0x349/0x430\n ? is_mp_supported+0x57/0xb0\n mlx5_devlink_eswitch_mode_set+0x26b/0x430\n devlink_nl_eswitch_set_doit+0x6f/0xf0\n genl_family_rcv_msg_doit+0xe8/0x140\n genl_rcv_msg+0x18b/0x290\n ? __pfx_devlink_nl_pre_doit+0x10/0x10\n ? __pfx_devlink_nl_eswitch_set_doit+0x10/0x10\n ? __pfx_devlink_nl_post_doit+0x10/0x10\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x52/0x100\n genl_rcv+0x28/0x40\n netlink_unicast+0x282/0x3e0\n ? __alloc_skb+0xd6/0x190\n netlink_sendmsg+0x1f7/0x430\n __sys_sendto+0x213/0x220\n ? __sys_recvmsg+0x6a/0xd0\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0x50/0x1f0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7fdfb8495047",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23000",
"url": "https://www.suse.com/security/cve/CVE-2026-23000"
},
{
"category": "external",
"summary": "SUSE Bug 1257234 for CVE-2026-23000",
"url": "https://bugzilla.suse.com/1257234"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-23000"
},
{
"cve": "CVE-2026-23001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: fix possible UAF in macvlan_forward_source()\n\nAdd RCU protection on (struct macvlan_source_entry)-\u003evlan.\n\nWhenever macvlan_hash_del_source() is called, we must clear\nentry-\u003evlan pointer before RCU grace period starts.\n\nThis allows macvlan_forward_source() to skip over\nentries queued for freeing.\n\nNote that macvlan_dev are already RCU protected, as they\nare embedded in a standard netdev (netdev_priv(ndev)).\n\nhttps: //lore.kernel.org/netdev/695fb1e8.050a0220.1c677c.039f.GAE@google.com/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23001",
"url": "https://www.suse.com/security/cve/CVE-2026-23001"
},
{
"category": "external",
"summary": "SUSE Bug 1257232 for CVE-2026-23001",
"url": "https://bugzilla.suse.com/1257232"
},
{
"category": "external",
"summary": "SUSE Bug 1257233 for CVE-2026-23001",
"url": "https://bugzilla.suse.com/1257233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "important"
}
],
"title": "CVE-2026-23001"
},
{
"cve": "CVE-2026-23005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1\n\nWhen loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in\nresponse to a guest WRMSR, clear XFD-disabled features in the saved (or to\nbe restored) XSTATE_BV to ensure KVM doesn\u0027t attempt to load state for\nfeatures that are disabled via the guest\u0027s XFD. Because the kernel\nexecutes XRSTOR with the guest\u0027s XFD, saving XSTATE_BV[i]=1 with XFD[i]=1\nwill cause XRSTOR to #NM and panic the kernel.\n\nE.g. if fpu_update_guest_xfd() sets XFD without clearing XSTATE_BV:\n\n ------------[ cut here ]------------\n WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#29: amx_test/848\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 29 UID: 1000 PID: 848 Comm: amx_test Not tainted 6.19.0-rc2-ffa07f7fd437-x86_amx_nm_xfd_non_init-vm #171 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:exc_device_not_available+0x101/0x110\n Call Trace:\n \u003cTASK\u003e\n asm_exc_device_not_available+0x1a/0x20\n RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90\n switch_fpu_return+0x4a/0xb0\n kvm_arch_vcpu_ioctl_run+0x1245/0x1e40 [kvm]\n kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm]\n __x64_sys_ioctl+0x8f/0xd0\n do_syscall_64+0x62/0x940\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nThis can happen if the guest executes WRMSR(MSR_IA32_XFD) to set XFD[18] = 1,\nand a host IRQ triggers kernel_fpu_begin() prior to the vmexit handler\u0027s\ncall to fpu_update_guest_xfd().\n\nand if userspace stuffs XSTATE_BV[i]=1 via KVM_SET_XSAVE:\n\n ------------[ cut here ]------------\n WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#14: amx_test/867\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 14 UID: 1000 PID: 867 Comm: amx_test Not tainted 6.19.0-rc2-2dace9faccd6-x86_amx_nm_xfd_non_init-vm #168 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:exc_device_not_available+0x101/0x110\n Call Trace:\n \u003cTASK\u003e\n asm_exc_device_not_available+0x1a/0x20\n RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90\n fpu_swap_kvm_fpstate+0x6b/0x120\n kvm_load_guest_fpu+0x30/0x80 [kvm]\n kvm_arch_vcpu_ioctl_run+0x85/0x1e40 [kvm]\n kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm]\n __x64_sys_ioctl+0x8f/0xd0\n do_syscall_64+0x62/0x940\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nThe new behavior is consistent with the AMX architecture. Per Intel\u0027s SDM,\nXSAVE saves XSTATE_BV as \u00270\u0027 for components that are disabled via XFD\n(and non-compacted XSAVE saves the initial configuration of the state\ncomponent):\n\n If XSAVE, XSAVEC, XSAVEOPT, or XSAVES is saving the state component i,\n the instruction does not generate #NM when XCR0[i] = IA32_XFD[i] = 1;\n instead, it operates as if XINUSE[i] = 0 (and the state component was\n in its initial state): it saves bit i of XSTATE_BV field of the XSAVE\n header as 0; in addition, XSAVE saves the initial configuration of the\n state component (the other instructions do not save state component i).\n\nAlternatively, KVM could always do XRSTOR with XFD=0, e.g. by using\na constant XFD based on the set of enabled features when XSAVEing for\na struct fpu_guest. However, having XSTATE_BV[i]=1 for XFD-disabled\nfeatures can only happen in the above interrupt case, or in similar\nscenarios involving preemption on preemptible kernels, because\nfpu_swap_kvm_fpstate()\u0027s call to save_fpregs_to_fpstate() saves the\noutgoing FPU state with the current XFD; and that is (on all but the\nfirst WRMSR to XFD) the guest XFD.\n\nTherefore, XFD can only go out of sync with XSTATE_BV in the above\ninterrupt case, or in similar scenarios involving preemption on\npreemptible kernels, and it we can consider it (de facto) part of KVM\nABI that KVM_GET_XSAVE returns XSTATE_BV[i]=0 for XFD-disabled features.\n\n[Move clea\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23005",
"url": "https://www.suse.com/security/cve/CVE-2026-23005"
},
{
"category": "external",
"summary": "SUSE Bug 1257245 for CVE-2026-23005",
"url": "https://bugzilla.suse.com/1257245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-23005"
},
{
"cve": "CVE-2026-23006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: tlv320adcx140: fix null pointer\n\nThe \"snd_soc_component\" in \"adcx140_priv\" was only used once but never\nset. It was only used for reaching \"dev\" which is already present in\n\"adcx140_priv\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23006",
"url": "https://www.suse.com/security/cve/CVE-2026-23006"
},
{
"category": "external",
"summary": "SUSE Bug 1257208 for CVE-2026-23006",
"url": "https://bugzilla.suse.com/1257208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-23006"
},
{
"cve": "CVE-2026-23011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_gre: make ipgre_header() robust\n\nAnalog to commit db5b4e39c4e6 (\"ip6_gre: make ip6gre_header() robust\")\n\nOver the years, syzbot found many ways to crash the kernel\nin ipgre_header() [1].\n\nThis involves team or bonding drivers ability to dynamically\nchange their dev-\u003eneeded_headroom and/or dev-\u003ehard_header_len\n\nIn this particular crash mld_newpack() allocated an skb\nwith a too small reserve/headroom, and by the time mld_sendpack()\nwas called, syzbot managed to attach an ipgre device.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff89ea3cb7 len:2030915468 put:2030915372 head:ffff888058b43000 data:ffff887fdfa6e194 tail:0x120 end:0x6c0 dev:team0\n kernel BUG at net/core/skbuff.c:213 !\nOops: invalid opcode: 0000 [#1] SMP KASAN PTI\nCPU: 1 UID: 0 PID: 1322 Comm: kworker/1:9 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: mld mld_ifc_work\n RIP: 0010:skb_panic+0x157/0x160 net/core/skbuff.c:213\nCall Trace:\n \u003cTASK\u003e\n skb_under_panic net/core/skbuff.c:223 [inline]\n skb_push+0xc3/0xe0 net/core/skbuff.c:2641\n ipgre_header+0x67/0x290 net/ipv4/ip_gre.c:897\n dev_hard_header include/linux/netdevice.h:3436 [inline]\n neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618\n NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247\n NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318\n mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23011",
"url": "https://www.suse.com/security/cve/CVE-2026-23011"
},
{
"category": "external",
"summary": "SUSE Bug 1257207 for CVE-2026-23011",
"url": "https://bugzilla.suse.com/1257207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_31-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.31.1.150700.17.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.31.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.31.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T14:05:07Z",
"details": "moderate"
}
],
"title": "CVE-2026-23011"
}
]
}
SUSE-SU-2026:0587-1
Vulnerability from csaf_suse - Published: 2026-02-20 10:04 - Updated: 2026-02-20 10:04Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim (bsc#1256280).
- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).
- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552).
- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).
- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).
- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
(bsc#1256645).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71080: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (bsc#1256608).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix 'UBSAN: shift-out-of-bounds error' (bsc#1256760).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).
- CVE-2025-71157: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (bsc#1257168).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
The following non security issues were fixed:
- ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes).
- ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes).
- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes).
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- ALSA: usb: Increase volume range that triggers a warning (git-fixes).
- ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes).
- ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes).
- ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes).
- ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa884x: fix codec initialisation (git-fixes).
- ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes).
- ASoC: fsl_sai: Add missing registers to cache default (stable-fixes).
- ASoC: tlv320adcx140: fix null pointer (git-fixes).
- ASoC: tlv320adcx140: fix word length (git-fixes).
- Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes).
- Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes).
- HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes).
- Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes).
- Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes).
- NFS: Fix up the automount fs_context to use the correct cred (git-fixes).
- NFSD/blocklayout: Fix minlength check in proc_layoutget (git-fixes).
- NFSD: Fix permission check for read access to executable-only files (git-fixes).
- NFSD: use correct reservation type in nfsd4_scsi_fence_client (git-fixes).
- NFSv4: ensure the open stateid seqid doesn't go backwards (git-fixes).
- RDMA/mana_ib: Access remote atomic for MRs (git-fixes).
- RDMA/mana_ib: Add device statistics support (git-fixes).
- RDMA/mana_ib: Add port statistics support (git-fixes).
- RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).
- RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes).
- RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).
- RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).
- RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).
- RDMA/mana_ib: Extend modify QP (git-fixes).
- RDMA/mana_ib: Fix error code in probe() (git-fixes).
- RDMA/mana_ib: Fix integer overflow during queue creation (git-fixes).
- RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).
- RDMA/mana_ib: Implement DMABUF MR support (git-fixes).
- RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes).
- RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes).
- RDMA/mana_ib: UD/GSI work requests (git-fixes).
- RDMA/mana_ib: Use safer allocation function() (git-fixes).
- RDMA/mana_ib: add additional port counters (git-fixes).
- RDMA/mana_ib: add support of multiple ports (git-fixes).
- RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).
- RDMA/mana_ib: create kernel-level CQs (git-fixes).
- RDMA/mana_ib: create/destroy AH (git-fixes).
- RDMA/mana_ib: extend mana QP table (git-fixes).
- RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).
- RDMA/mana_ib: implement get_dma_mr (git-fixes).
- RDMA/mana_ib: implement req_notify_cq (git-fixes).
- RDMA/mana_ib: indicate CM support (git-fixes).
- RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes).
- RDMA/mana_ib: request error CQEs when supported (git-fixes).
- RDMA/mana_ib: support of the zero based MRs (git-fixes).
- RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes).
- Revert 'nfc/nci: Add the inconsistency check between the input data length and count' (git-fixes).
- USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes).
- USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes).
- USB: serial: option: add Telit LE910 MBIM composition (stable-fixes).
- ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes).
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- bs-upload-kernel: Fix cve branch uploads.
- btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).
- can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes).
- can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes).
- can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes).
- cifs: Fix copy offload to flush destination region (bsc#1252511).
- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).
- cifs: add new field to track the last access time of cfid (git-fixes).
- cifs: after disabling multichannel, mark tcon for reconnect (git-fixes).
- cifs: avoid redundant calls to disable multichannel (git-fixes).
- cifs: cifs_pick_channel should try selecting active channels (git-fixes).
- cifs: deal with the channel loading lag while picking channels (git-fixes).
- cifs: dns resolution is needed only for primary channel (git-fixes).
- cifs: do not disable interface polling on failure (git-fixes).
- cifs: do not search for channel if server is terminating (git-fixes).
- cifs: fix a pending undercount of srv_count (git-fixes).
- cifs: fix lock ordering while disabling multichannel (git-fixes).
- cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes).
- cifs: fix use after free for iface while disabling secondary channels (git-fixes).
- cifs: handle servers that still advertise multichannel after disabling (git-fixes).
- cifs: handle when server starts supporting multichannel (git-fixes).
- cifs: handle when server stops supporting multichannel (git-fixes).
- cifs: make cifs_chan_update_iface() a void function (git-fixes).
- cifs: make sure server interfaces are requested only for SMB3+ (git-fixes).
- cifs: make sure that channel scaling is done only once (git-fixes).
- cifs: reconnect worker should take reference on server struct unconditionally (git-fixes).
- cifs: reset connections for all channels when reconnect requested (git-fixes).
- cifs: reset iface weights when we cannot find a candidate (git-fixes).
- cifs: serialize other channels when query server interfaces is pending (git-fixes).
- cifs: update dstaddr whenever channel iface is updated (git-fixes).
- comedi: Fix getting range information for subdevices 16 to 255 (git-fixes).
- comedi: dmm32at: serialize use of paged registers (git-fixes).
- comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes).
- cpuset: fix warning when disabling remote partition (bsc#1256794).
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes).
- dmaengine: apple-admac: Add 'apple,t8103-admac' compatible (git-fixes).
- dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes).
- dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes).
- dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes).
- dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes).
- dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes).
- dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes).
- dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes).
- dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes).
- dmaengine: tegra-adma: Fix use-after-free (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes).
- dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes).
- dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes).
- dmaengine: xilinx_dma: Fix uninitialized addr_width when 'xlnx,addrwidth' property is missing (git-fixes).
- dpll: Prevent duplicate registrations (git-fixes).
- dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes).
- dpll: fix return value check for kmemdup (git-fixes).
- dpll: indent DPLL option type by a tab (git-fixes).
- dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes).
- drm/amd/display: Apply e4479aecf658 to dml (stable-fixes).
- drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes).
- drm/amd/display: Fix DP no audio issue (stable-fixes).
- drm/amd/display: Initialise backlight level values from hw (git-fixes).
- drm/amd/display: Respect user's CONFIG_FRAME_WARN more for dml files (stable-fixes).
- drm/amd/display: shrink struct members (stable-fixes).
- drm/amd/pm: Don't clear SI SMC table when setting power limit (git-fixes).
- drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes).
- drm/amd/pm: fix race in power state check before mutex lock (git-fixes).
- drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2 (git-fixes).
- drm/amd: Clean up kfd node on surprise disconnect (stable-fixes).
- drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule() (git-fixes).
- drm/amdgpu: Fix query for VPE block_type and ip_count (stable-fixes).
- drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes).
- drm/amdgpu: remove frame cntl for gfx v12 (stable-fixes).
- drm/amdkfd: Fix improper NULL termination of queue restore SMI event string (stable-fixes).
- drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes).
- drm/imagination: Wait for FW trace update command completion (git-fixes).
- drm/imx/tve: fix probe device leak (git-fixes).
- drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).
- drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes).
- drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit) (stable-fixes).
- drm/nouveau: add missing DCB connector types (git-fixes).
- drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes).
- drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes).
- drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes).
- drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes).
- drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions (git-fixes).
- exfat: check return value of sb_min_blocksize in exfat_read_boot_sector (git-fixes).
- exfat: fix remount failure in different process environments (git-fixes).
- gpio: omap: do not register driver in probe() (git-fixes).
- gpio: pca953x: Add support for level-triggered interrupts (stable-fixes).
- gpio: pca953x: Utilise dev_err_probe() where it makes sense (stable-fixes).
- gpio: pca953x: Utilise temporary variable for struct device (stable-fixes).
- gpio: pca953x: fix wrong error probe return value (git-fixes).
- gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes).
- gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- iio: accel: iis328dq: fix gain values (git-fixes).
- iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes).
- iio: adc: ad9467: fix ad9434 vref mask (git-fixes).
- iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes).
- iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes).
- iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes).
- intel_th: fix device leak on output open() (git-fixes).
- leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes).
- lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes).
- mISDN: annotate data-race around dev->work (git-fixes).
- mei: me: add nova lake point S DID (stable-fixes).
- mei: me: add wildcat lake P DID (stable-fixes).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087 bsc#1254447).
- mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes).
- mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes).
- net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: mana: Add metadata support for xdp mode (git-fixes).
- net: mana: Add standard counter rx_missed_errors (git-fixes).
- net: mana: Add support for auxiliary device servicing events (git-fixes).
- net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690).
- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
- net: mana: Fix use-after-free in reset service rescan path (git-fixes).
- net: mana: Fix warnings for missing export.h header inclusion (git-fixes).
- net: mana: Handle Reset Request from MANA NIC (git-fixes).
- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
- net: mana: Handle hardware recovery events when probing the device (git-fixes).
- net: mana: Handle unsupported HWC commands (git-fixes).
- net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).
- net: mana: Probe rdma device in mana driver (git-fixes).
- net: mana: Reduce waiting time if HWC not responding (git-fixes).
- net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: usb: dm9601: remove broken SR9700 support (git-fixes).
- net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes).
- nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes).
- nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes).
- nfsd: Drop the client reference in client_states_open() (git-fixes).
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes).
- nvmet-auth: update sc_c in host response (git-fixes).
- nvmet-auth: update sc_c in target host hash calculation (git-fixes).
- of: fix reference count leak in of_alias_scan() (git-fixes).
- of: platform: Use default match table for /firmware (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes).
- phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes).
- phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes).
- phy: stm32-usphyc: Fix off by one in probe() (git-fixes).
- phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes).
- platform/x86/amd: Fix memory leak in wbrf_record() (git-fixes).
- platform/x86: hp-bioscfg: Fix automatic module loading (git-fixes).
- platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro (git-fixes).
- platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (git-fixes).
- pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (git-fixes).
- powercap: fix race condition in register_control_type() (stable-fixes).
- powercap: fix sscanf() error return value handling (stable-fixes).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- regmap: Fix race condition in hwspinlock irqsave routine (git-fixes).
- sched/rt: Skip group schedulable check with rt_group_sched=0 (bsc#1256568).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- scripts/python/git_sort/git_sort.yaml: add cifs for-next repository.
- scripts: obsapi: Support URL trailing / in oscrc.
- scripts: teaapi: Add paging.
- scripts: uploader: Fix no change condition for _maintainership.json.
- scripts: uploader: Handle missing upstream in is_pr_open.
- scrits: teaapi: Add list_repos.
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- selftests/bpf: Fix flaky bpf_cookie selftest (git-fixes).
- selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).
- serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes).
- slimbus: core: fix OF node leak on registration failure (git-fixes).
- slimbus: core: fix device reference leak on report present (git-fixes).
- slimbus: core: fix of_slim_get_device() kernel doc (git-fixes).
- slimbus: core: fix runtime PM imbalance on report present (git-fixes).
- smb3: add missing null server pointer check (git-fixes).
- smb: change return type of cached_dir_lease_break() to bool (git-fixes).
- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes).
- smb: client: fix cifs_pick_channel when channel needs reconnect (git-fixes).
- smb: client: fix warning when reconnecting channel (git-fixes).
- smb: client: introduce close_cached_dir_locked() (git-fixes).
- smb: client: remove unused fid_lock (git-fixes).
- smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748 bsc#1257154).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- spi: spi-sprd-adi: Fix double free in probe error path (git-fixes).
- spi: sprd-adi: switch to use spi_alloc_host() (stable-fixes).
- spi: sprd: adi: Use devm_register_restart_handler() (stable-fixes).
- svcrdma: return 0 on success from svc_rdma_copy_inline_range (git-fixes).
- uacce: ensure safe queue release with state management (git-fixes).
- uacce: fix cdev handling in the cleanup path (git-fixes).
- uacce: fix isolate sysfs check condition (git-fixes).
- uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes).
- usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes).
- usb: dwc3: Check for USB4 IP_NAME (stable-fixes).
- usbnet: limit max_mtu based on device's hard_mtu (git-fixes).
- w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes).
- w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes).
- wifi: ath10k: fix dma_free_coherent() pointer (git-fixes).
- wifi: ath12k: fix dma_free_coherent() pointer (git-fixes).
- wifi: mac80211: correctly decode TTLM with default link map (git-fixes).
- wifi: mac80211: don't perform DA check on S1G beacon (git-fixes).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches
(bsc#1256528).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
- x86: make page fault handling disable interrupts properly (git-fixes).
Patchnames
SUSE-2026-587,SUSE-SLE-Module-Live-Patching-15-SP7-2026-587,SUSE-SLE-Module-RT-15-SP7-2026-587
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim (bsc#1256280).\n- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).\n- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).\n- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).\n- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).\n- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).\n- CVE-2025-40261: nvme: nvme-fc: Ensure -\u003eioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).\n- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).\n- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).\n- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).\n- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).\n- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).\n- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).\n- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).\n- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).\n- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).\n- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).\n- CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226).\n- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).\n- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).\n- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).\n- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).\n- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).\n- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).\n- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).\n- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).\n- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).\n- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).\n- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).\n- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).\n- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).\n- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).\n- CVE-2025-68363: bpf: Check skb-\u003etransport_header is set in bpf_skb_check_mtu (bsc#1255552).\n- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).\n- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).\n- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).\n- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).\n- CVE-2025-68379: RDMA/rxe: Fix null deref on srq-\u003erq.queue after resize failure (bsc#1255695).\n- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).\n- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).\n- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).\n- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).\n- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).\n- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).\n- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).\n- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).\n- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).\n- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).\n- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).\n- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).\n- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).\n- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).\n- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).\n- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).\n- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).\n- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).\n- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).\n- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).\n- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n (bsc#1256645).\n- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).\n- CVE-2025-71080: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (bsc#1256608).\n- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).\n- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).\n- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).\n- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).\n- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).\n- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).\n- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).\n- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).\n- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).\n- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).\n- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).\n- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).\n- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).\n- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).\n- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).\n- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).\n- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).\n- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).\n- CVE-2025-71137: octeontx2-pf: fix \u0027UBSAN: shift-out-of-bounds error\u0027 (bsc#1256760).\n- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).\n- CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).\n- CVE-2025-71157: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (bsc#1257168).\n- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).\n- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).\n- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).\n- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).\n- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).\n- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).\n- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).\n- CVE-2026-22996: net/mlx5e: Don\u0027t store mlx5e_priv in mlx5e_dev devlink priv.\n- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).\n- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).\n- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).\n- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).\n- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).\n\nThe following non security issues were fixed:\n\n- ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes).\n- ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes).\n- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes).\n- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).\n- ALSA: usb: Increase volume range that triggers a warning (git-fixes).\n- ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes).\n- ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes).\n- ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes).\n- ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes).\n- ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes).\n- ASoC: codecs: wsa884x: fix codec initialisation (git-fixes).\n- ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes).\n- ASoC: fsl_sai: Add missing registers to cache default (stable-fixes).\n- ASoC: tlv320adcx140: fix null pointer (git-fixes).\n- ASoC: tlv320adcx140: fix word length (git-fixes).\n- Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes).\n- Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes).\n- HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes).\n- Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes).\n- Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes).\n- NFS: Fix up the automount fs_context to use the correct cred (git-fixes).\n- NFSD/blocklayout: Fix minlength check in proc_layoutget (git-fixes).\n- NFSD: Fix permission check for read access to executable-only files (git-fixes).\n- NFSD: use correct reservation type in nfsd4_scsi_fence_client (git-fixes).\n- NFSv4: ensure the open stateid seqid doesn\u0027t go backwards (git-fixes).\n- RDMA/mana_ib: Access remote atomic for MRs (git-fixes).\n- RDMA/mana_ib: Add device statistics support (git-fixes).\n- RDMA/mana_ib: Add port statistics support (git-fixes).\n- RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).\n- RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes).\n- RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).\n- RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).\n- RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).\n- RDMA/mana_ib: Extend modify QP (git-fixes).\n- RDMA/mana_ib: Fix error code in probe() (git-fixes).\n- RDMA/mana_ib: Fix integer overflow during queue creation (git-fixes).\n- RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).\n- RDMA/mana_ib: Implement DMABUF MR support (git-fixes).\n- RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes).\n- RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes).\n- RDMA/mana_ib: UD/GSI work requests (git-fixes).\n- RDMA/mana_ib: Use safer allocation function() (git-fixes).\n- RDMA/mana_ib: add additional port counters (git-fixes).\n- RDMA/mana_ib: add support of multiple ports (git-fixes).\n- RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).\n- RDMA/mana_ib: create kernel-level CQs (git-fixes).\n- RDMA/mana_ib: create/destroy AH (git-fixes).\n- RDMA/mana_ib: extend mana QP table (git-fixes).\n- RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).\n- RDMA/mana_ib: implement get_dma_mr (git-fixes).\n- RDMA/mana_ib: implement req_notify_cq (git-fixes).\n- RDMA/mana_ib: indicate CM support (git-fixes).\n- RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes).\n- RDMA/mana_ib: request error CQEs when supported (git-fixes).\n- RDMA/mana_ib: support of the zero based MRs (git-fixes).\n- RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes).\n- Revert \u0027nfc/nci: Add the inconsistency check between the input data length and count\u0027 (git-fixes).\n- USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes).\n- USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes).\n- USB: serial: option: add Telit LE910 MBIM composition (stable-fixes).\n- ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes).\n- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).\n- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).\n- bs-upload-kernel: Fix cve branch uploads.\n- btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).\n- can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes).\n- can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes).\n- can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes).\n- can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes).\n- can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes).\n- can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes).\n- can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes).\n- can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes).\n- can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes).\n- cifs: Fix copy offload to flush destination region (bsc#1252511).\n- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).\n- cifs: add new field to track the last access time of cfid (git-fixes).\n- cifs: after disabling multichannel, mark tcon for reconnect (git-fixes).\n- cifs: avoid redundant calls to disable multichannel (git-fixes).\n- cifs: cifs_pick_channel should try selecting active channels (git-fixes).\n- cifs: deal with the channel loading lag while picking channels (git-fixes).\n- cifs: dns resolution is needed only for primary channel (git-fixes).\n- cifs: do not disable interface polling on failure (git-fixes).\n- cifs: do not search for channel if server is terminating (git-fixes).\n- cifs: fix a pending undercount of srv_count (git-fixes).\n- cifs: fix lock ordering while disabling multichannel (git-fixes).\n- cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes).\n- cifs: fix use after free for iface while disabling secondary channels (git-fixes).\n- cifs: handle servers that still advertise multichannel after disabling (git-fixes).\n- cifs: handle when server starts supporting multichannel (git-fixes).\n- cifs: handle when server stops supporting multichannel (git-fixes).\n- cifs: make cifs_chan_update_iface() a void function (git-fixes).\n- cifs: make sure server interfaces are requested only for SMB3+ (git-fixes).\n- cifs: make sure that channel scaling is done only once (git-fixes).\n- cifs: reconnect worker should take reference on server struct unconditionally (git-fixes).\n- cifs: reset connections for all channels when reconnect requested (git-fixes).\n- cifs: reset iface weights when we cannot find a candidate (git-fixes).\n- cifs: serialize other channels when query server interfaces is pending (git-fixes).\n- cifs: update dstaddr whenever channel iface is updated (git-fixes).\n- comedi: Fix getting range information for subdevices 16 to 255 (git-fixes).\n- comedi: dmm32at: serialize use of paged registers (git-fixes).\n- comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes).\n- cpuset: fix warning when disabling remote partition (bsc#1256794).\n- crypto: authencesn - reject too-short AAD (assoclen\u003c8) to match ESP/ESN spec (git-fixes).\n- dmaengine: apple-admac: Add \u0027apple,t8103-admac\u0027 compatible (git-fixes).\n- dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes).\n- dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes).\n- dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes).\n- dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes).\n- dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes).\n- dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes).\n- dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes).\n- dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes).\n- dmaengine: tegra-adma: Fix use-after-free (git-fixes).\n- dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes).\n- dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes).\n- dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes).\n- dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes).\n- dmaengine: xilinx_dma: Fix uninitialized addr_width when \u0027xlnx,addrwidth\u0027 property is missing (git-fixes).\n- dpll: Prevent duplicate registrations (git-fixes).\n- dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes).\n- dpll: fix return value check for kmemdup (git-fixes).\n- dpll: indent DPLL option type by a tab (git-fixes).\n- dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes).\n- drm/amd/display: Apply e4479aecf658 to dml (stable-fixes).\n- drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes).\n- drm/amd/display: Fix DP no audio issue (stable-fixes).\n- drm/amd/display: Initialise backlight level values from hw (git-fixes).\n- drm/amd/display: Respect user\u0027s CONFIG_FRAME_WARN more for dml files (stable-fixes).\n- drm/amd/display: shrink struct members (stable-fixes).\n- drm/amd/pm: Don\u0027t clear SI SMC table when setting power limit (git-fixes).\n- drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes).\n- drm/amd/pm: fix race in power state check before mutex lock (git-fixes).\n- drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2 (git-fixes).\n- drm/amd: Clean up kfd node on surprise disconnect (stable-fixes).\n- drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule() (git-fixes).\n- drm/amdgpu: Fix query for VPE block_type and ip_count (stable-fixes).\n- drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes).\n- drm/amdgpu: remove frame cntl for gfx v12 (stable-fixes).\n- drm/amdkfd: Fix improper NULL termination of queue restore SMI event string (stable-fixes).\n- drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes).\n- drm/imagination: Wait for FW trace update command completion (git-fixes).\n- drm/imx/tve: fix probe device leak (git-fixes).\n- drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).\n- drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes).\n- drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit) (stable-fixes).\n- drm/nouveau: add missing DCB connector types (git-fixes).\n- drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes).\n- drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes).\n- drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes).\n- drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes).\n- drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions (git-fixes).\n- exfat: check return value of sb_min_blocksize in exfat_read_boot_sector (git-fixes).\n- exfat: fix remount failure in different process environments (git-fixes).\n- gpio: omap: do not register driver in probe() (git-fixes).\n- gpio: pca953x: Add support for level-triggered interrupts (stable-fixes).\n- gpio: pca953x: Utilise dev_err_probe() where it makes sense (stable-fixes).\n- gpio: pca953x: Utilise temporary variable for struct device (stable-fixes).\n- gpio: pca953x: fix wrong error probe return value (git-fixes).\n- gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes).\n- gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes).\n- ice: use netif_get_num_default_rss_queues() (bsc#1247712).\n- iio: accel: iis328dq: fix gain values (git-fixes).\n- iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes).\n- iio: adc: ad9467: fix ad9434 vref mask (git-fixes).\n- iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes).\n- iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes).\n- iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes).\n- intel_th: fix device leak on output open() (git-fixes).\n- leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes).\n- lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes).\n- mISDN: annotate data-race around dev-\u003ework (git-fixes).\n- mei: me: add nova lake point S DID (stable-fixes).\n- mei: me: add wildcat lake P DID (stable-fixes).\n- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087 bsc#1254447).\n- mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes).\n- mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes).\n- net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes).\n- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).\n- net: mana: Add metadata support for xdp mode (git-fixes).\n- net: mana: Add standard counter rx_missed_errors (git-fixes).\n- net: mana: Add support for auxiliary device servicing events (git-fixes).\n- net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690).\n- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).\n- net: mana: Fix use-after-free in reset service rescan path (git-fixes).\n- net: mana: Fix warnings for missing export.h header inclusion (git-fixes).\n- net: mana: Handle Reset Request from MANA NIC (git-fixes).\n- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).\n- net: mana: Handle hardware recovery events when probing the device (git-fixes).\n- net: mana: Handle unsupported HWC commands (git-fixes).\n- net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).\n- net: mana: Probe rdma device in mana driver (git-fixes).\n- net: mana: Reduce waiting time if HWC not responding (git-fixes).\n- net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).\n- net: tcp: allow zero-window ACK update the window (bsc#1254767).\n- net: usb: dm9601: remove broken SR9700 support (git-fixes).\n- net: wwan: t7xx: fix potential skb-\u003efrags overflow in RX path (git-fixes).\n- nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes).\n- nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes).\n- nfsd: Drop the client reference in client_states_open() (git-fixes).\n- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes).\n- nvmet-auth: update sc_c in host response (git-fixes).\n- nvmet-auth: update sc_c in target host hash calculation (git-fixes).\n- of: fix reference count leak in of_alias_scan() (git-fixes).\n- of: platform: Use default match table for /firmware (git-fixes).\n- phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes).\n- phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes).\n- phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes).\n- phy: stm32-usphyc: Fix off by one in probe() (git-fixes).\n- phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes).\n- platform/x86/amd: Fix memory leak in wbrf_record() (git-fixes).\n- platform/x86: hp-bioscfg: Fix automatic module loading (git-fixes).\n- platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro (git-fixes).\n- platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (git-fixes).\n- pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (git-fixes).\n- powercap: fix race condition in register_control_type() (stable-fixes).\n- powercap: fix sscanf() error return value handling (stable-fixes).\n- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).\n- regmap: Fix race condition in hwspinlock irqsave routine (git-fixes).\n- sched/rt: Skip group schedulable check with rt_group_sched=0 (bsc#1256568).\n- sched: Increase sched_tick_remote timeout (bsc#1254510).\n- scripts/python/git_sort/git_sort.yaml: add cifs for-next repository.\n- scripts: obsapi: Support URL trailing / in oscrc.\n- scripts: teaapi: Add paging.\n- scripts: uploader: Fix no change condition for _maintainership.json.\n- scripts: uploader: Handle missing upstream in is_pr_open.\n- scrits: teaapi: Add list_repos.\n- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).\n- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).\n- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).\n- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).\n- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).\n- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).\n- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).\n- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).\n- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).\n- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).\n- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).\n- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).\n- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).\n- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).\n- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).\n- selftests/bpf: Fix flaky bpf_cookie selftest (git-fixes).\n- selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).\n- serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes).\n- slimbus: core: fix OF node leak on registration failure (git-fixes).\n- slimbus: core: fix device reference leak on report present (git-fixes).\n- slimbus: core: fix of_slim_get_device() kernel doc (git-fixes).\n- slimbus: core: fix runtime PM imbalance on report present (git-fixes).\n- smb3: add missing null server pointer check (git-fixes).\n- smb: change return type of cached_dir_lease_break() to bool (git-fixes).\n- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes).\n- smb: client: fix cifs_pick_channel when channel needs reconnect (git-fixes).\n- smb: client: fix warning when reconnecting channel (git-fixes).\n- smb: client: introduce close_cached_dir_locked() (git-fixes).\n- smb: client: remove unused fid_lock (git-fixes).\n- smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes).\n- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748 bsc#1257154).\n- smb: client: update cfid-\u003elast_access_time in open_cached_dir_by_dentry() (git-fixes).\n- smb: improve directory cache reuse for readdir operations (bsc#1252712).\n- spi: spi-sprd-adi: Fix double free in probe error path (git-fixes).\n- spi: sprd-adi: switch to use spi_alloc_host() (stable-fixes).\n- spi: sprd: adi: Use devm_register_restart_handler() (stable-fixes).\n- svcrdma: return 0 on success from svc_rdma_copy_inline_range (git-fixes).\n- uacce: ensure safe queue release with state management (git-fixes).\n- uacce: fix cdev handling in the cleanup path (git-fixes).\n- uacce: fix isolate sysfs check condition (git-fixes).\n- uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes).\n- usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes).\n- usb: dwc3: Check for USB4 IP_NAME (stable-fixes).\n- usbnet: limit max_mtu based on device\u0027s hard_mtu (git-fixes).\n- w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes).\n- w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes).\n- wifi: ath10k: fix dma_free_coherent() pointer (git-fixes).\n- wifi: ath12k: fix dma_free_coherent() pointer (git-fixes).\n- wifi: mac80211: correctly decode TTLM with default link map (git-fixes).\n- wifi: mac80211: don\u0027t perform DA check on S1G beacon (git-fixes).\n- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).\n- wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes).\n- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).\n- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).\n- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).\n- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).\n- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).\n- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches\n (bsc#1256528).\n- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).\n- x86/microcode/AMD: Fix __apply_microcode_amd()\u0027s return value (bsc#1256528).\n- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).\n- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).\n- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).\n- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).\n- x86: make page fault handling disable interrupts properly (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-587,SUSE-SLE-Module-Live-Patching-15-SP7-2026-587,SUSE-SLE-Module-RT-15-SP7-2026-587",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0587-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0587-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260587-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0587-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024356.html"
},
{
"category": "self",
"summary": "SUSE Bug 1205462",
"url": "https://bugzilla.suse.com/1205462"
},
{
"category": "self",
"summary": "SUSE Bug 1214285",
"url": "https://bugzilla.suse.com/1214285"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1223800",
"url": "https://bugzilla.suse.com/1223800"
},
{
"category": "self",
"summary": "SUSE Bug 1228490",
"url": "https://bugzilla.suse.com/1228490"
},
{
"category": "self",
"summary": "SUSE Bug 1233563",
"url": "https://bugzilla.suse.com/1233563"
},
{
"category": "self",
"summary": "SUSE Bug 1234842",
"url": "https://bugzilla.suse.com/1234842"
},
{
"category": "self",
"summary": "SUSE Bug 1235566",
"url": "https://bugzilla.suse.com/1235566"
},
{
"category": "self",
"summary": "SUSE Bug 1241437",
"url": "https://bugzilla.suse.com/1241437"
},
{
"category": "self",
"summary": "SUSE Bug 1242505",
"url": "https://bugzilla.suse.com/1242505"
},
{
"category": "self",
"summary": "SUSE Bug 1242909",
"url": "https://bugzilla.suse.com/1242909"
},
{
"category": "self",
"summary": "SUSE Bug 1243662",
"url": "https://bugzilla.suse.com/1243662"
},
{
"category": "self",
"summary": "SUSE Bug 1243677",
"url": "https://bugzilla.suse.com/1243677"
},
{
"category": "self",
"summary": "SUSE Bug 1243678",
"url": "https://bugzilla.suse.com/1243678"
},
{
"category": "self",
"summary": "SUSE Bug 1245538",
"url": "https://bugzilla.suse.com/1245538"
},
{
"category": "self",
"summary": "SUSE Bug 1246022",
"url": "https://bugzilla.suse.com/1246022"
},
{
"category": "self",
"summary": "SUSE Bug 1246184",
"url": "https://bugzilla.suse.com/1246184"
},
{
"category": "self",
"summary": "SUSE Bug 1246447",
"url": "https://bugzilla.suse.com/1246447"
},
{
"category": "self",
"summary": "SUSE Bug 1247030",
"url": "https://bugzilla.suse.com/1247030"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1248211",
"url": "https://bugzilla.suse.com/1248211"
},
{
"category": "self",
"summary": "SUSE Bug 1249307",
"url": "https://bugzilla.suse.com/1249307"
},
{
"category": "self",
"summary": "SUSE Bug 1249904",
"url": "https://bugzilla.suse.com/1249904"
},
{
"category": "self",
"summary": "SUSE Bug 1250032",
"url": "https://bugzilla.suse.com/1250032"
},
{
"category": "self",
"summary": "SUSE Bug 1250082",
"url": "https://bugzilla.suse.com/1250082"
},
{
"category": "self",
"summary": "SUSE Bug 1250388",
"url": "https://bugzilla.suse.com/1250388"
},
{
"category": "self",
"summary": "SUSE Bug 1250705",
"url": "https://bugzilla.suse.com/1250705"
},
{
"category": "self",
"summary": "SUSE Bug 1250748",
"url": "https://bugzilla.suse.com/1250748"
},
{
"category": "self",
"summary": "SUSE Bug 1252511",
"url": "https://bugzilla.suse.com/1252511"
},
{
"category": "self",
"summary": "SUSE Bug 1252712",
"url": "https://bugzilla.suse.com/1252712"
},
{
"category": "self",
"summary": "SUSE Bug 1252891",
"url": "https://bugzilla.suse.com/1252891"
},
{
"category": "self",
"summary": "SUSE Bug 1252900",
"url": "https://bugzilla.suse.com/1252900"
},
{
"category": "self",
"summary": "SUSE Bug 1253087",
"url": "https://bugzilla.suse.com/1253087"
},
{
"category": "self",
"summary": "SUSE Bug 1253330",
"url": "https://bugzilla.suse.com/1253330"
},
{
"category": "self",
"summary": "SUSE Bug 1253340",
"url": "https://bugzilla.suse.com/1253340"
},
{
"category": "self",
"summary": "SUSE Bug 1253348",
"url": "https://bugzilla.suse.com/1253348"
},
{
"category": "self",
"summary": "SUSE Bug 1253433",
"url": "https://bugzilla.suse.com/1253433"
},
{
"category": "self",
"summary": "SUSE Bug 1253443",
"url": "https://bugzilla.suse.com/1253443"
},
{
"category": "self",
"summary": "SUSE Bug 1253451",
"url": "https://bugzilla.suse.com/1253451"
},
{
"category": "self",
"summary": "SUSE Bug 1253471",
"url": "https://bugzilla.suse.com/1253471"
},
{
"category": "self",
"summary": "SUSE Bug 1253739",
"url": "https://bugzilla.suse.com/1253739"
},
{
"category": "self",
"summary": "SUSE Bug 1254244",
"url": "https://bugzilla.suse.com/1254244"
},
{
"category": "self",
"summary": "SUSE Bug 1254447",
"url": "https://bugzilla.suse.com/1254447"
},
{
"category": "self",
"summary": "SUSE Bug 1254465",
"url": "https://bugzilla.suse.com/1254465"
},
{
"category": "self",
"summary": "SUSE Bug 1254510",
"url": "https://bugzilla.suse.com/1254510"
},
{
"category": "self",
"summary": "SUSE Bug 1254624",
"url": "https://bugzilla.suse.com/1254624"
},
{
"category": "self",
"summary": "SUSE Bug 1254767",
"url": "https://bugzilla.suse.com/1254767"
},
{
"category": "self",
"summary": "SUSE Bug 1254835",
"url": "https://bugzilla.suse.com/1254835"
},
{
"category": "self",
"summary": "SUSE Bug 1254839",
"url": "https://bugzilla.suse.com/1254839"
},
{
"category": "self",
"summary": "SUSE Bug 1254842",
"url": "https://bugzilla.suse.com/1254842"
},
{
"category": "self",
"summary": "SUSE Bug 1254845",
"url": "https://bugzilla.suse.com/1254845"
},
{
"category": "self",
"summary": "SUSE Bug 1254852",
"url": "https://bugzilla.suse.com/1254852"
},
{
"category": "self",
"summary": "SUSE Bug 1254871",
"url": "https://bugzilla.suse.com/1254871"
},
{
"category": "self",
"summary": "SUSE Bug 1255102",
"url": "https://bugzilla.suse.com/1255102"
},
{
"category": "self",
"summary": "SUSE Bug 1255120",
"url": "https://bugzilla.suse.com/1255120"
},
{
"category": "self",
"summary": "SUSE Bug 1255128",
"url": "https://bugzilla.suse.com/1255128"
},
{
"category": "self",
"summary": "SUSE Bug 1255138",
"url": "https://bugzilla.suse.com/1255138"
},
{
"category": "self",
"summary": "SUSE Bug 1255140",
"url": "https://bugzilla.suse.com/1255140"
},
{
"category": "self",
"summary": "SUSE Bug 1255157",
"url": "https://bugzilla.suse.com/1255157"
},
{
"category": "self",
"summary": "SUSE Bug 1255164",
"url": "https://bugzilla.suse.com/1255164"
},
{
"category": "self",
"summary": "SUSE Bug 1255172",
"url": "https://bugzilla.suse.com/1255172"
},
{
"category": "self",
"summary": "SUSE Bug 1255216",
"url": "https://bugzilla.suse.com/1255216"
},
{
"category": "self",
"summary": "SUSE Bug 1255226",
"url": "https://bugzilla.suse.com/1255226"
},
{
"category": "self",
"summary": "SUSE Bug 1255241",
"url": "https://bugzilla.suse.com/1255241"
},
{
"category": "self",
"summary": "SUSE Bug 1255255",
"url": "https://bugzilla.suse.com/1255255"
},
{
"category": "self",
"summary": "SUSE Bug 1255260",
"url": "https://bugzilla.suse.com/1255260"
},
{
"category": "self",
"summary": "SUSE Bug 1255261",
"url": "https://bugzilla.suse.com/1255261"
},
{
"category": "self",
"summary": "SUSE Bug 1255266",
"url": "https://bugzilla.suse.com/1255266"
},
{
"category": "self",
"summary": "SUSE Bug 1255268",
"url": "https://bugzilla.suse.com/1255268"
},
{
"category": "self",
"summary": "SUSE Bug 1255269",
"url": "https://bugzilla.suse.com/1255269"
},
{
"category": "self",
"summary": "SUSE Bug 1255327",
"url": "https://bugzilla.suse.com/1255327"
},
{
"category": "self",
"summary": "SUSE Bug 1255346",
"url": "https://bugzilla.suse.com/1255346"
},
{
"category": "self",
"summary": "SUSE Bug 1255377",
"url": "https://bugzilla.suse.com/1255377"
},
{
"category": "self",
"summary": "SUSE Bug 1255401",
"url": "https://bugzilla.suse.com/1255401"
},
{
"category": "self",
"summary": "SUSE Bug 1255403",
"url": "https://bugzilla.suse.com/1255403"
},
{
"category": "self",
"summary": "SUSE Bug 1255417",
"url": "https://bugzilla.suse.com/1255417"
},
{
"category": "self",
"summary": "SUSE Bug 1255482",
"url": "https://bugzilla.suse.com/1255482"
},
{
"category": "self",
"summary": "SUSE Bug 1255488",
"url": "https://bugzilla.suse.com/1255488"
},
{
"category": "self",
"summary": "SUSE Bug 1255537",
"url": "https://bugzilla.suse.com/1255537"
},
{
"category": "self",
"summary": "SUSE Bug 1255539",
"url": "https://bugzilla.suse.com/1255539"
},
{
"category": "self",
"summary": "SUSE Bug 1255544",
"url": "https://bugzilla.suse.com/1255544"
},
{
"category": "self",
"summary": "SUSE Bug 1255547",
"url": "https://bugzilla.suse.com/1255547"
},
{
"category": "self",
"summary": "SUSE Bug 1255548",
"url": "https://bugzilla.suse.com/1255548"
},
{
"category": "self",
"summary": "SUSE Bug 1255552",
"url": "https://bugzilla.suse.com/1255552"
},
{
"category": "self",
"summary": "SUSE Bug 1255568",
"url": "https://bugzilla.suse.com/1255568"
},
{
"category": "self",
"summary": "SUSE Bug 1255569",
"url": "https://bugzilla.suse.com/1255569"
},
{
"category": "self",
"summary": "SUSE Bug 1255615",
"url": "https://bugzilla.suse.com/1255615"
},
{
"category": "self",
"summary": "SUSE Bug 1255622",
"url": "https://bugzilla.suse.com/1255622"
},
{
"category": "self",
"summary": "SUSE Bug 1255695",
"url": "https://bugzilla.suse.com/1255695"
},
{
"category": "self",
"summary": "SUSE Bug 1255930",
"url": "https://bugzilla.suse.com/1255930"
},
{
"category": "self",
"summary": "SUSE Bug 1256280",
"url": "https://bugzilla.suse.com/1256280"
},
{
"category": "self",
"summary": "SUSE Bug 1256528",
"url": "https://bugzilla.suse.com/1256528"
},
{
"category": "self",
"summary": "SUSE Bug 1256568",
"url": "https://bugzilla.suse.com/1256568"
},
{
"category": "self",
"summary": "SUSE Bug 1256579",
"url": "https://bugzilla.suse.com/1256579"
},
{
"category": "self",
"summary": "SUSE Bug 1256582",
"url": "https://bugzilla.suse.com/1256582"
},
{
"category": "self",
"summary": "SUSE Bug 1256584",
"url": "https://bugzilla.suse.com/1256584"
},
{
"category": "self",
"summary": "SUSE Bug 1256586",
"url": "https://bugzilla.suse.com/1256586"
},
{
"category": "self",
"summary": "SUSE Bug 1256591",
"url": "https://bugzilla.suse.com/1256591"
},
{
"category": "self",
"summary": "SUSE Bug 1256592",
"url": "https://bugzilla.suse.com/1256592"
},
{
"category": "self",
"summary": "SUSE Bug 1256593",
"url": "https://bugzilla.suse.com/1256593"
},
{
"category": "self",
"summary": "SUSE Bug 1256594",
"url": "https://bugzilla.suse.com/1256594"
},
{
"category": "self",
"summary": "SUSE Bug 1256597",
"url": "https://bugzilla.suse.com/1256597"
},
{
"category": "self",
"summary": "SUSE Bug 1256605",
"url": "https://bugzilla.suse.com/1256605"
},
{
"category": "self",
"summary": "SUSE Bug 1256606",
"url": "https://bugzilla.suse.com/1256606"
},
{
"category": "self",
"summary": "SUSE Bug 1256607",
"url": "https://bugzilla.suse.com/1256607"
},
{
"category": "self",
"summary": "SUSE Bug 1256608",
"url": "https://bugzilla.suse.com/1256608"
},
{
"category": "self",
"summary": "SUSE Bug 1256609",
"url": "https://bugzilla.suse.com/1256609"
},
{
"category": "self",
"summary": "SUSE Bug 1256610",
"url": "https://bugzilla.suse.com/1256610"
},
{
"category": "self",
"summary": "SUSE Bug 1256611",
"url": "https://bugzilla.suse.com/1256611"
},
{
"category": "self",
"summary": "SUSE Bug 1256612",
"url": "https://bugzilla.suse.com/1256612"
},
{
"category": "self",
"summary": "SUSE Bug 1256613",
"url": "https://bugzilla.suse.com/1256613"
},
{
"category": "self",
"summary": "SUSE Bug 1256616",
"url": "https://bugzilla.suse.com/1256616"
},
{
"category": "self",
"summary": "SUSE Bug 1256617",
"url": "https://bugzilla.suse.com/1256617"
},
{
"category": "self",
"summary": "SUSE Bug 1256619",
"url": "https://bugzilla.suse.com/1256619"
},
{
"category": "self",
"summary": "SUSE Bug 1256622",
"url": "https://bugzilla.suse.com/1256622"
},
{
"category": "self",
"summary": "SUSE Bug 1256623",
"url": "https://bugzilla.suse.com/1256623"
},
{
"category": "self",
"summary": "SUSE Bug 1256625",
"url": "https://bugzilla.suse.com/1256625"
},
{
"category": "self",
"summary": "SUSE Bug 1256627",
"url": "https://bugzilla.suse.com/1256627"
},
{
"category": "self",
"summary": "SUSE Bug 1256628",
"url": "https://bugzilla.suse.com/1256628"
},
{
"category": "self",
"summary": "SUSE Bug 1256630",
"url": "https://bugzilla.suse.com/1256630"
},
{
"category": "self",
"summary": "SUSE Bug 1256638",
"url": "https://bugzilla.suse.com/1256638"
},
{
"category": "self",
"summary": "SUSE Bug 1256641",
"url": "https://bugzilla.suse.com/1256641"
},
{
"category": "self",
"summary": "SUSE Bug 1256645",
"url": "https://bugzilla.suse.com/1256645"
},
{
"category": "self",
"summary": "SUSE Bug 1256646",
"url": "https://bugzilla.suse.com/1256646"
},
{
"category": "self",
"summary": "SUSE Bug 1256650",
"url": "https://bugzilla.suse.com/1256650"
},
{
"category": "self",
"summary": "SUSE Bug 1256651",
"url": "https://bugzilla.suse.com/1256651"
},
{
"category": "self",
"summary": "SUSE Bug 1256653",
"url": "https://bugzilla.suse.com/1256653"
},
{
"category": "self",
"summary": "SUSE Bug 1256654",
"url": "https://bugzilla.suse.com/1256654"
},
{
"category": "self",
"summary": "SUSE Bug 1256655",
"url": "https://bugzilla.suse.com/1256655"
},
{
"category": "self",
"summary": "SUSE Bug 1256659",
"url": "https://bugzilla.suse.com/1256659"
},
{
"category": "self",
"summary": "SUSE Bug 1256660",
"url": "https://bugzilla.suse.com/1256660"
},
{
"category": "self",
"summary": "SUSE Bug 1256661",
"url": "https://bugzilla.suse.com/1256661"
},
{
"category": "self",
"summary": "SUSE Bug 1256664",
"url": "https://bugzilla.suse.com/1256664"
},
{
"category": "self",
"summary": "SUSE Bug 1256665",
"url": "https://bugzilla.suse.com/1256665"
},
{
"category": "self",
"summary": "SUSE Bug 1256674",
"url": "https://bugzilla.suse.com/1256674"
},
{
"category": "self",
"summary": "SUSE Bug 1256680",
"url": "https://bugzilla.suse.com/1256680"
},
{
"category": "self",
"summary": "SUSE Bug 1256682",
"url": "https://bugzilla.suse.com/1256682"
},
{
"category": "self",
"summary": "SUSE Bug 1256688",
"url": "https://bugzilla.suse.com/1256688"
},
{
"category": "self",
"summary": "SUSE Bug 1256689",
"url": "https://bugzilla.suse.com/1256689"
},
{
"category": "self",
"summary": "SUSE Bug 1256690",
"url": "https://bugzilla.suse.com/1256690"
},
{
"category": "self",
"summary": "SUSE Bug 1256726",
"url": "https://bugzilla.suse.com/1256726"
},
{
"category": "self",
"summary": "SUSE Bug 1256728",
"url": "https://bugzilla.suse.com/1256728"
},
{
"category": "self",
"summary": "SUSE Bug 1256730",
"url": "https://bugzilla.suse.com/1256730"
},
{
"category": "self",
"summary": "SUSE Bug 1256733",
"url": "https://bugzilla.suse.com/1256733"
},
{
"category": "self",
"summary": "SUSE Bug 1256737",
"url": "https://bugzilla.suse.com/1256737"
},
{
"category": "self",
"summary": "SUSE Bug 1256741",
"url": "https://bugzilla.suse.com/1256741"
},
{
"category": "self",
"summary": "SUSE Bug 1256742",
"url": "https://bugzilla.suse.com/1256742"
},
{
"category": "self",
"summary": "SUSE Bug 1256744",
"url": "https://bugzilla.suse.com/1256744"
},
{
"category": "self",
"summary": "SUSE Bug 1256748",
"url": "https://bugzilla.suse.com/1256748"
},
{
"category": "self",
"summary": "SUSE Bug 1256749",
"url": "https://bugzilla.suse.com/1256749"
},
{
"category": "self",
"summary": "SUSE Bug 1256752",
"url": "https://bugzilla.suse.com/1256752"
},
{
"category": "self",
"summary": "SUSE Bug 1256754",
"url": "https://bugzilla.suse.com/1256754"
},
{
"category": "self",
"summary": "SUSE Bug 1256756",
"url": "https://bugzilla.suse.com/1256756"
},
{
"category": "self",
"summary": "SUSE Bug 1256757",
"url": "https://bugzilla.suse.com/1256757"
},
{
"category": "self",
"summary": "SUSE Bug 1256759",
"url": "https://bugzilla.suse.com/1256759"
},
{
"category": "self",
"summary": "SUSE Bug 1256760",
"url": "https://bugzilla.suse.com/1256760"
},
{
"category": "self",
"summary": "SUSE Bug 1256761",
"url": "https://bugzilla.suse.com/1256761"
},
{
"category": "self",
"summary": "SUSE Bug 1256763",
"url": "https://bugzilla.suse.com/1256763"
},
{
"category": "self",
"summary": "SUSE Bug 1256770",
"url": "https://bugzilla.suse.com/1256770"
},
{
"category": "self",
"summary": "SUSE Bug 1256773",
"url": "https://bugzilla.suse.com/1256773"
},
{
"category": "self",
"summary": "SUSE Bug 1256774",
"url": "https://bugzilla.suse.com/1256774"
},
{
"category": "self",
"summary": "SUSE Bug 1256777",
"url": "https://bugzilla.suse.com/1256777"
},
{
"category": "self",
"summary": "SUSE Bug 1256779",
"url": "https://bugzilla.suse.com/1256779"
},
{
"category": "self",
"summary": "SUSE Bug 1256781",
"url": "https://bugzilla.suse.com/1256781"
},
{
"category": "self",
"summary": "SUSE Bug 1256785",
"url": "https://bugzilla.suse.com/1256785"
},
{
"category": "self",
"summary": "SUSE Bug 1256792",
"url": "https://bugzilla.suse.com/1256792"
},
{
"category": "self",
"summary": "SUSE Bug 1256794",
"url": "https://bugzilla.suse.com/1256794"
},
{
"category": "self",
"summary": "SUSE Bug 1256861",
"url": "https://bugzilla.suse.com/1256861"
},
{
"category": "self",
"summary": "SUSE Bug 1256863",
"url": "https://bugzilla.suse.com/1256863"
},
{
"category": "self",
"summary": "SUSE Bug 1257035",
"url": "https://bugzilla.suse.com/1257035"
},
{
"category": "self",
"summary": "SUSE Bug 1257053",
"url": "https://bugzilla.suse.com/1257053"
},
{
"category": "self",
"summary": "SUSE Bug 1257154",
"url": "https://bugzilla.suse.com/1257154"
},
{
"category": "self",
"summary": "SUSE Bug 1257155",
"url": "https://bugzilla.suse.com/1257155"
},
{
"category": "self",
"summary": "SUSE Bug 1257158",
"url": "https://bugzilla.suse.com/1257158"
},
{
"category": "self",
"summary": "SUSE Bug 1257163",
"url": "https://bugzilla.suse.com/1257163"
},
{
"category": "self",
"summary": "SUSE Bug 1257164",
"url": "https://bugzilla.suse.com/1257164"
},
{
"category": "self",
"summary": "SUSE Bug 1257167",
"url": "https://bugzilla.suse.com/1257167"
},
{
"category": "self",
"summary": "SUSE Bug 1257168",
"url": "https://bugzilla.suse.com/1257168"
},
{
"category": "self",
"summary": "SUSE Bug 1257180",
"url": "https://bugzilla.suse.com/1257180"
},
{
"category": "self",
"summary": "SUSE Bug 1257202",
"url": "https://bugzilla.suse.com/1257202"
},
{
"category": "self",
"summary": "SUSE Bug 1257204",
"url": "https://bugzilla.suse.com/1257204"
},
{
"category": "self",
"summary": "SUSE Bug 1257207",
"url": "https://bugzilla.suse.com/1257207"
},
{
"category": "self",
"summary": "SUSE Bug 1257208",
"url": "https://bugzilla.suse.com/1257208"
},
{
"category": "self",
"summary": "SUSE Bug 1257215",
"url": "https://bugzilla.suse.com/1257215"
},
{
"category": "self",
"summary": "SUSE Bug 1257217",
"url": "https://bugzilla.suse.com/1257217"
},
{
"category": "self",
"summary": "SUSE Bug 1257218",
"url": "https://bugzilla.suse.com/1257218"
},
{
"category": "self",
"summary": "SUSE Bug 1257220",
"url": "https://bugzilla.suse.com/1257220"
},
{
"category": "self",
"summary": "SUSE Bug 1257221",
"url": "https://bugzilla.suse.com/1257221"
},
{
"category": "self",
"summary": "SUSE Bug 1257227",
"url": "https://bugzilla.suse.com/1257227"
},
{
"category": "self",
"summary": "SUSE Bug 1257232",
"url": "https://bugzilla.suse.com/1257232"
},
{
"category": "self",
"summary": "SUSE Bug 1257234",
"url": "https://bugzilla.suse.com/1257234"
},
{
"category": "self",
"summary": "SUSE Bug 1257236",
"url": "https://bugzilla.suse.com/1257236"
},
{
"category": "self",
"summary": "SUSE Bug 1257245",
"url": "https://bugzilla.suse.com/1257245"
},
{
"category": "self",
"summary": "SUSE Bug 1257277",
"url": "https://bugzilla.suse.com/1257277"
},
{
"category": "self",
"summary": "SUSE Bug 1257282",
"url": "https://bugzilla.suse.com/1257282"
},
{
"category": "self",
"summary": "SUSE Bug 1257296",
"url": "https://bugzilla.suse.com/1257296"
},
{
"category": "self",
"summary": "SUSE Bug 1257473",
"url": "https://bugzilla.suse.com/1257473"
},
{
"category": "self",
"summary": "SUSE Bug 1257603",
"url": "https://bugzilla.suse.com/1257603"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53714 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-54013 page",
"url": "https://www.suse.com/security/cve/CVE-2023-54013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42103 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53070 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56721 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22047 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38209 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38243 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38322 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38322/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38379 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38539 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39880 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40106 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40132 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40166 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40177 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40202 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40238 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40254 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40257 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40259 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40261 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40264 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40328 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40350 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40355 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40363 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68171 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68174 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68178 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68188 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68200 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68215 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68227 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68241 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68254 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68256 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68256/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68261 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68284 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68285 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68296 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68297 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68301 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68320 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68327 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68337 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68349 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68363 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68365 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68366 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68366/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68367 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68372 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68379 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68777 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68783 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68802 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68808 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71076 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71077 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71081 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71082 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71084 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71087 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71091 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71094 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71096 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71098 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71099 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71100 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71101 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71112 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71114 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71116 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71118 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71123 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71130 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71132 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71135 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71137 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71143 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71154 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71162 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71163 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22976 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22977 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22978 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22985 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22988 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22990 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22991 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22992 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22993 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22996 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22997 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22999 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23000 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23001 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23006 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23011 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23011/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-02-20T10:04:28Z",
"generator": {
"date": "2026-02-20T10:04:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0587-1",
"initial_release_date": "2026-02-20T10:04:28Z",
"revision_history": [
{
"date": "2026-02-20T10:04:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150700.7.31.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150700.7.31.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150700.7.31.2.x86_64",
"product_id": "kernel-rt-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150700.7.31.2.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-150700.7.31.2.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.31.2.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150700.7.31.2.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150700.7.31.2.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150700.7.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150700.7.31.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP7",
"product": {
"name": "SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150700.7.31.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150700.7.31.2.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150700.7.31.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150700.7.31.2.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150700.7.31.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150700.7.31.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/stm: ltdc: fix late dereference check\n\nIn ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a\ncontainer_of() before the pointer check. This could cause a kernel panic.\n\nFix this smatch warning:\ndrivers/gpu/drm/stm/ltdc.c:1124 ltdc_crtc_set_crc_source() warn: variable dereferenced before check \u0027crtc\u0027 (see line 1119)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53714",
"url": "https://www.suse.com/security/cve/CVE-2023-53714"
},
{
"category": "external",
"summary": "SUSE Bug 1254465 for CVE-2023-53714",
"url": "https://bugzilla.suse.com/1254465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2023-53714"
},
{
"cve": "CVE-2023-54013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-54013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: Fix locking for runpm vs reclaim\n\nFor cases where icc_bw_set() can be called in callbaths that could\ndeadlock against shrinker/reclaim, such as runpm resume, we need to\ndecouple the icc locking. Introduce a new icc_bw_lock for cases where\nwe need to serialize bw aggregation and update to decouple that from\npaths that require memory allocation such as node/link creation/\ndestruction.\n\nFixes this lockdep splat:\n\n ======================================================\n WARNING: possible circular locking dependency detected\n 6.2.0-rc8-debug+ #554 Not tainted\n ------------------------------------------------------\n ring0/132 is trying to acquire lock:\n ffffff80871916d0 (\u0026gmu-\u003elock){+.+.}-{3:3}, at: a6xx_pm_resume+0xf0/0x234\n\n but task is already holding lock:\n ffffffdb5aee57e8 (dma_fence_map){++++}-{0:0}, at: msm_job_run+0x68/0x150\n\n which lock already depends on the new lock.\n\n the existing dependency chain (in reverse order) is:\n\n -\u003e #4 (dma_fence_map){++++}-{0:0}:\n __dma_fence_might_wait+0x74/0xc0\n dma_resv_lockdep+0x1f4/0x2f4\n do_one_initcall+0x104/0x2bc\n kernel_init_freeable+0x344/0x34c\n kernel_init+0x30/0x134\n ret_from_fork+0x10/0x20\n\n -\u003e #3 (mmu_notifier_invalidate_range_start){+.+.}-{0:0}:\n fs_reclaim_acquire+0x80/0xa8\n slab_pre_alloc_hook.constprop.0+0x40/0x25c\n __kmem_cache_alloc_node+0x60/0x1cc\n __kmalloc+0xd8/0x100\n topology_parse_cpu_capacity+0x8c/0x178\n get_cpu_for_node+0x88/0xc4\n parse_cluster+0x1b0/0x28c\n parse_cluster+0x8c/0x28c\n init_cpu_topology+0x168/0x188\n smp_prepare_cpus+0x24/0xf8\n kernel_init_freeable+0x18c/0x34c\n kernel_init+0x30/0x134\n ret_from_fork+0x10/0x20\n\n -\u003e #2 (fs_reclaim){+.+.}-{0:0}:\n __fs_reclaim_acquire+0x3c/0x48\n fs_reclaim_acquire+0x54/0xa8\n slab_pre_alloc_hook.constprop.0+0x40/0x25c\n __kmem_cache_alloc_node+0x60/0x1cc\n __kmalloc+0xd8/0x100\n kzalloc.constprop.0+0x14/0x20\n icc_node_create_nolock+0x4c/0xc4\n icc_node_create+0x38/0x58\n qcom_icc_rpmh_probe+0x1b8/0x248\n platform_probe+0x70/0xc4\n really_probe+0x158/0x290\n __driver_probe_device+0xc8/0xe0\n driver_probe_device+0x44/0x100\n __driver_attach+0xf8/0x108\n bus_for_each_dev+0x78/0xc4\n driver_attach+0x2c/0x38\n bus_add_driver+0xd0/0x1d8\n driver_register+0xbc/0xf8\n __platform_driver_register+0x30/0x3c\n qnoc_driver_init+0x24/0x30\n do_one_initcall+0x104/0x2bc\n kernel_init_freeable+0x344/0x34c\n kernel_init+0x30/0x134\n ret_from_fork+0x10/0x20\n\n -\u003e #1 (icc_lock){+.+.}-{3:3}:\n __mutex_lock+0xcc/0x3c8\n mutex_lock_nested+0x30/0x44\n icc_set_bw+0x88/0x2b4\n _set_opp_bw+0x8c/0xd8\n _set_opp+0x19c/0x300\n dev_pm_opp_set_opp+0x84/0x94\n a6xx_gmu_resume+0x18c/0x804\n a6xx_pm_resume+0xf8/0x234\n adreno_runtime_resume+0x2c/0x38\n pm_generic_runtime_resume+0x30/0x44\n __rpm_callback+0x15c/0x174\n rpm_callback+0x78/0x7c\n rpm_resume+0x318/0x524\n __pm_runtime_resume+0x78/0xbc\n adreno_load_gpu+0xc4/0x17c\n msm_open+0x50/0x120\n drm_file_alloc+0x17c/0x228\n drm_open_helper+0x74/0x118\n drm_open+0xa0/0x144\n drm_stub_open+0xd4/0xe4\n chrdev_open+0x1b8/0x1e4\n do_dentry_open+0x2f8/0x38c\n vfs_open+0x34/0x40\n path_openat+0x64c/0x7b4\n do_filp_open+0x54/0xc4\n do_sys_openat2+0x9c/0x100\n do_sys_open+0x50/0x7c\n __arm64_sys_openat+0x28/0x34\n invoke_syscall+0x8c/0x128\n el0_svc_common.constprop.0+0xa0/0x11c\n do_el0_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-54013",
"url": "https://www.suse.com/security/cve/CVE-2023-54013"
},
{
"category": "external",
"summary": "SUSE Bug 1256280 for CVE-2023-54013",
"url": "https://bugzilla.suse.com/1256280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2023-54013"
},
{
"cve": "CVE-2024-27005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: Don\u0027t access req_list while it\u0027s being manipulated\n\nThe icc_lock mutex was split into separate icc_lock and icc_bw_lock\nmutexes in [1] to avoid lockdep splats. However, this didn\u0027t adequately\nprotect access to icc_node::req_list.\n\nThe icc_set_bw() function will eventually iterate over req_list while\nonly holding icc_bw_lock, but req_list can be modified while only\nholding icc_lock. This causes races between icc_set_bw(), of_icc_get(),\nand icc_put().\n\nExample A:\n\n CPU0 CPU1\n ---- ----\n icc_set_bw(path_a)\n mutex_lock(\u0026icc_bw_lock);\n icc_put(path_b)\n mutex_lock(\u0026icc_lock);\n aggregate_requests()\n hlist_for_each_entry(r, ...\n hlist_del(...\n \u003cr = invalid pointer\u003e\n\nExample B:\n\n CPU0 CPU1\n ---- ----\n icc_set_bw(path_a)\n mutex_lock(\u0026icc_bw_lock);\n path_b = of_icc_get()\n of_icc_get_by_index()\n mutex_lock(\u0026icc_lock);\n path_find()\n path_init()\n aggregate_requests()\n hlist_for_each_entry(r, ...\n hlist_add_head(...\n \u003cr = invalid pointer\u003e\n\nFix this by ensuring icc_bw_lock is always held before manipulating\nicc_node::req_list. The additional places icc_bw_lock is held don\u0027t\nperform any memory allocations, so we should still be safe from the\noriginal lockdep splats that motivated the separate locks.\n\n[1] commit af42269c3523 (\"interconnect: Fix locking for runpm vs reclaim\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27005",
"url": "https://www.suse.com/security/cve/CVE-2024-27005"
},
{
"category": "external",
"summary": "SUSE Bug 1223800 for CVE-2024-27005",
"url": "https://bugzilla.suse.com/1223800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2024-27005"
},
{
"cve": "CVE-2024-42103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix adding block group to a reclaim list and the unused list during reclaim\n\nThere is a potential parallel list adding for retrying in\nbtrfs_reclaim_bgs_work and adding to the unused list. Since the block\ngroup is removed from the reclaim list and it is on a relocation work,\nit can be added into the unused list in parallel. When that happens,\nadding it to the reclaim list will corrupt the list head and trigger\nlist corruption like below.\n\nFix it by taking fs_info-\u003eunused_bgs_lock.\n\n [177.504][T2585409] BTRFS error (device nullb1): error relocating ch= unk 2415919104\n [177.514][T2585409] list_del corruption. next-\u003eprev should be ff1100= 0344b119c0, but was ff11000377e87c70. (next=3Dff110002390cd9c0)\n [177.529][T2585409] ------------[ cut here ]------------\n [177.537][T2585409] kernel BUG at lib/list_debug.c:65!\n [177.545][T2585409] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [177.555][T2585409] CPU: 9 PID: 2585409 Comm: kworker/u128:2 Tainted: G W 6.10.0-rc5-kts #1\n [177.568][T2585409] Hardware name: Supermicro SYS-520P-WTR/X12SPW-TF, BIOS 1.2 02/14/2022\n [177.579][T2585409] Workqueue: events_unbound btrfs_reclaim_bgs_work[btrfs]\n [177.589][T2585409] RIP: 0010:__list_del_entry_valid_or_report.cold+0x70/0x72\n [177.624][T2585409] RSP: 0018:ff11000377e87a70 EFLAGS: 00010286\n [177.633][T2585409] RAX: 000000000000006d RBX: ff11000344b119c0 RCX:0000000000000000\n [177.644][T2585409] RDX: 000000000000006d RSI: 0000000000000008 RDI:ffe21c006efd0f40\n [177.655][T2585409] RBP: ff110002e0509f78 R08: 0000000000000001 R09:ffe21c006efd0f08\n [177.665][T2585409] R10: ff11000377e87847 R11: 0000000000000000 R12:ff110002390cd9c0\n [177.676][T2585409] R13: ff11000344b119c0 R14: ff110002e0508000 R15:dffffc0000000000\n [177.687][T2585409] FS: 0000000000000000(0000) GS:ff11000fec880000(0000) knlGS:0000000000000000\n [177.700][T2585409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [177.709][T2585409] CR2: 00007f06bc7b1978 CR3: 0000001021e86005 CR4:0000000000771ef0\n [177.720][T2585409] DR0: 0000000000000000 DR1: 0000000000000000 DR2:0000000000000000\n [177.731][T2585409] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:0000000000000400\n [177.742][T2585409] PKRU: 55555554\n [177.748][T2585409] Call Trace:\n [177.753][T2585409] \u003cTASK\u003e\n [177.759][T2585409] ? __die_body.cold+0x19/0x27\n [177.766][T2585409] ? die+0x2e/0x50\n [177.772][T2585409] ? do_trap+0x1ea/0x2d0\n [177.779][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.788][T2585409] ? do_error_trap+0xa3/0x160\n [177.795][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.805][T2585409] ? handle_invalid_op+0x2c/0x40\n [177.812][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.820][T2585409] ? exc_invalid_op+0x2d/0x40\n [177.827][T2585409] ? asm_exc_invalid_op+0x1a/0x20\n [177.834][T2585409] ? __list_del_entry_valid_or_report.cold+0x70/0x72\n [177.843][T2585409] btrfs_delete_unused_bgs+0x3d9/0x14c0 [btrfs]\n\nThere is a similar retry_list code in btrfs_delete_unused_bgs(), but it is\nsafe, AFAICS. Since the block group was in the unused list, the used bytes\nshould be 0 when it was added to the unused list. Then, it checks\nblock_group-\u003e{used,reserved,pinned} are still 0 under the\nblock_group-\u003elock. So, they should be still eligible for the unused list,\nnot the reclaim list.\n\nThe reason it is safe there it\u0027s because because we\u0027re holding\nspace_info-\u003egroups_sem in write mode.\n\nThat means no other task can allocate from the block group, so while we\nare at deleted_unused_bgs() it\u0027s not possible for other tasks to\nallocate and deallocate extents from the block group, so it can\u0027t be\nadded to the unused list or the reclaim list by anyone else.\n\nThe bug can be reproduced by btrfs/166 after a few rounds. In practice\nthis can be hit when relocation cannot find more chunk space and ends\nwith ENOSPC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42103",
"url": "https://www.suse.com/security/cve/CVE-2024-42103"
},
{
"category": "external",
"summary": "SUSE Bug 1228490 for CVE-2024-42103",
"url": "https://bugzilla.suse.com/1228490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2024-42103"
},
{
"cve": "CVE-2024-53070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: fix fault at system suspend if device was already runtime suspended\n\nIf the device was already runtime suspended then during system suspend\nwe cannot access the device registers else it will crash.\n\nAlso we cannot access any registers after dwc3_core_exit() on some\nplatforms so move the dwc3_enable_susphy() call to the top.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53070",
"url": "https://www.suse.com/security/cve/CVE-2024-53070"
},
{
"category": "external",
"summary": "SUSE Bug 1233563 for CVE-2024-53070",
"url": "https://bugzilla.suse.com/1233563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2024-53070"
},
{
"cve": "CVE-2024-53149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: glink: fix off-by-one in connector_status\n\nUCSI connector\u0027s indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS.\nCorrect the condition in the pmic_glink_ucsi_connector_status()\ncallback, fixing Type-C orientation reporting for the third USB-C\nconnector.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53149",
"url": "https://www.suse.com/security/cve/CVE-2024-53149"
},
{
"category": "external",
"summary": "SUSE Bug 1234842 for CVE-2024-53149",
"url": "https://bugzilla.suse.com/1234842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "low"
}
],
"title": "CVE-2024-53149"
},
{
"cve": "CVE-2024-56721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Terminate the erratum_1386_microcode array\n\nThe erratum_1386_microcode array requires an empty entry at the end.\nOtherwise x86_match_cpu_with_stepping() will continue iterate the array after\nit ended.\n\nAdd an empty entry to erratum_1386_microcode to its end.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56721",
"url": "https://www.suse.com/security/cve/CVE-2024-56721"
},
{
"category": "external",
"summary": "SUSE Bug 1235566 for CVE-2024-56721",
"url": "https://bugzilla.suse.com/1235566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2024-56721"
},
{
"cve": "CVE-2025-22047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22047"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix __apply_microcode_amd()\u0027s return value\n\nWhen verify_sha256_digest() fails, __apply_microcode_amd() should propagate\nthe failure by returning false (and not -1 which is promoted to true).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22047",
"url": "https://www.suse.com/security/cve/CVE-2025-22047"
},
{
"category": "external",
"summary": "SUSE Bug 1241437 for CVE-2025-22047",
"url": "https://bugzilla.suse.com/1241437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-22047"
},
{
"cve": "CVE-2025-37744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix memory leak in ath12k_pci_remove()\n\nKmemleak reported this error:\n\n unreferenced object 0xffff1c165cec3060 (size 32):\n comm \"insmod\", pid 560, jiffies 4296964570 (age 235.596s)\n backtrace:\n [\u003c000000005434db68\u003e] __kmem_cache_alloc_node+0x1f4/0x2c0\n [\u003c000000001203b155\u003e] kmalloc_trace+0x40/0x88\n [\u003c0000000028adc9c8\u003e] _request_firmware+0xb8/0x608\n [\u003c00000000cad1aef7\u003e] firmware_request_nowarn+0x50/0x80\n [\u003c000000005011a682\u003e] local_pci_probe+0x48/0xd0\n [\u003c00000000077cd295\u003e] pci_device_probe+0xb4/0x200\n [\u003c0000000087184c94\u003e] really_probe+0x150/0x2c0\n\nThe firmware memory was allocated in ath12k_pci_probe(), but not\nfreed in ath12k_pci_remove() in case ATH12K_FLAG_QMI_FAIL bit is\nset. So call ath12k_fw_unmap() to free the memory.\n\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.2.0-02280-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37744",
"url": "https://www.suse.com/security/cve/CVE-2025-37744"
},
{
"category": "external",
"summary": "SUSE Bug 1243662 for CVE-2025-37744",
"url": "https://bugzilla.suse.com/1243662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-37744"
},
{
"cve": "CVE-2025-37751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu: Avoid running off the end of an AMD erratum table\n\nThe NULL array terminator at the end of erratum_1386_microcode was\nremoved during the switch from x86_cpu_desc to x86_cpu_id. This\ncauses readers to run off the end of the array.\n\nReplace the NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37751",
"url": "https://www.suse.com/security/cve/CVE-2025-37751"
},
{
"category": "external",
"summary": "SUSE Bug 1242505 for CVE-2025-37751",
"url": "https://bugzilla.suse.com/1242505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-37751"
},
{
"cve": "CVE-2025-37813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix invalid pointer dereference in Etron workaround\n\nThis check is performed before prepare_transfer() and prepare_ring(), so\nenqueue can already point at the final link TRB of a segment. And indeed\nit will, some 0.4% of times this code is called.\n\nThen enqueue + 1 is an invalid pointer. It will crash the kernel right\naway or load some junk which may look like a link TRB and cause the real\nlink TRB to be replaced with a NOOP. This wouldn\u0027t end well.\n\nUse a functionally equivalent test which doesn\u0027t dereference the pointer\nand always gives correct result.\n\nSomething has crashed my machine twice in recent days while playing with\nan Etron HC, and a control transfer stress test ran for confirmation has\njust crashed it again. The same test passes with this patch applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37813",
"url": "https://www.suse.com/security/cve/CVE-2025-37813"
},
{
"category": "external",
"summary": "SUSE Bug 1242909 for CVE-2025-37813",
"url": "https://bugzilla.suse.com/1242909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-37813"
},
{
"cve": "CVE-2025-38209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: remove tag set when second admin queue config fails\n\nCommit 104d0e2f6222 (\"nvme-fabrics: reset admin connection for secure\nconcatenation\") modified nvme_tcp_setup_ctrl() to call\nnvme_tcp_configure_admin_queue() twice. The first call prepares for\nDH-CHAP negotitation, and the second call is required for secure\nconcatenation. However, this change triggered BUG KASAN slab-use-after-\nfree in blk_mq_queue_tag_busy_iter(). This BUG can be recreated by\nrepeating the blktests test case nvme/063 a few times [1].\n\nWhen the BUG happens, nvme_tcp_create_ctrl() fails in the call chain\nbelow:\n\nnvme_tcp_create_ctrl()\n nvme_tcp_alloc_ctrl() new=true ... Alloc nvme_tcp_ctrl and admin_tag_set\n nvme_tcp_setup_ctrl() new=true\n nvme_tcp_configure_admin_queue() new=true ... Succeed\n nvme_alloc_admin_tag_set() ... Alloc the tag set for admin_tag_set\n nvme_stop_keep_alive()\n nvme_tcp_teardown_admin_queue() remove=false\n nvme_tcp_configure_admin_queue() new=false\n nvme_tcp_alloc_admin_queue() ... Fail, but do not call nvme_remove_admin_tag_set()\n nvme_uninit_ctrl()\n nvme_put_ctrl() ... Free up the nvme_tcp_ctrl and admin_tag_set\n\nThe first call of nvme_tcp_configure_admin_queue() succeeds with\nnew=true argument. The second call fails with new=false argument. This\nsecond call does not call nvme_remove_admin_tag_set() on failure, due to\nthe new=false argument. Then the admin tag set is not removed. However,\nnvme_tcp_create_ctrl() assumes that nvme_tcp_setup_ctrl() would call\nnvme_remove_admin_tag_set(). Then it frees up struct nvme_tcp_ctrl which\nhas admin_tag_set field. Later on, the timeout handler accesses the\nadmin_tag_set field and causes the BUG KASAN slab-use-after-free.\n\nTo not leave the admin tag set, call nvme_remove_admin_tag_set() when\nthe second nvme_tcp_configure_admin_queue() call fails. Do not return\nfrom nvme_tcp_setup_ctrl() on failure. Instead, jump to \"destroy_admin\"\ngo-to label to call nvme_tcp_teardown_admin_queue() which calls\nnvme_remove_admin_tag_set().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38209",
"url": "https://www.suse.com/security/cve/CVE-2025-38209"
},
{
"category": "external",
"summary": "SUSE Bug 1246022 for CVE-2025-38209",
"url": "https://bugzilla.suse.com/1246022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-38209"
},
{
"cve": "CVE-2025-38243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38243"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid inode pointer dereferences during log replay\n\nIn a few places where we call read_one_inode(), if we get a NULL pointer\nwe end up jumping into an error path, or fallthrough in case of\n__add_inode_ref(), where we then do something like this:\n\n iput(\u0026inode-\u003evfs_inode);\n\nwhich results in an invalid inode pointer that triggers an invalid memory\naccess, resulting in a crash.\n\nFix this by making sure we don\u0027t do such dereferences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38243",
"url": "https://www.suse.com/security/cve/CVE-2025-38243"
},
{
"category": "external",
"summary": "SUSE Bug 1246184 for CVE-2025-38243",
"url": "https://bugzilla.suse.com/1246184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-38243"
},
{
"cve": "CVE-2025-38322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38322"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Fix crash in icl_update_topdown_event()\n\nThe perf_fuzzer found a hard-lockup crash on a RaptorLake machine:\n\n Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000\n CPU: 23 UID: 0 PID: 0 Comm: swapper/23\n Tainted: [W]=WARN\n Hardware name: Dell Inc. Precision 9660/0VJ762\n RIP: 0010:native_read_pmc+0x7/0x40\n Code: cc e8 8d a9 01 00 48 89 03 5b cd cc cc cc cc 0f 1f ...\n RSP: 000:fffb03100273de8 EFLAGS: 00010046\n ....\n Call Trace:\n \u003cTASK\u003e\n icl_update_topdown_event+0x165/0x190\n ? ktime_get+0x38/0xd0\n intel_pmu_read_event+0xf9/0x210\n __perf_event_read+0xf9/0x210\n\nCPUs 16-23 are E-core CPUs that don\u0027t support the perf metrics feature.\nThe icl_update_topdown_event() should not be invoked on these CPUs.\n\nIt\u0027s a regression of commit:\n\n f9bdf1f95339 (\"perf/x86/intel: Avoid disable PMU if !cpuc-\u003eenabled in sample read\")\n\nThe bug introduced by that commit is that the is_topdown_event() function\nis mistakenly used to replace the is_topdown_count() call to check if the\ntopdown functions for the perf metrics feature should be invoked.\n\nFix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38322",
"url": "https://www.suse.com/security/cve/CVE-2025-38322"
},
{
"category": "external",
"summary": "SUSE Bug 1246447 for CVE-2025-38322",
"url": "https://bugzilla.suse.com/1246447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-38322"
},
{
"cve": "CVE-2025-38379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix warning when reconnecting channel\n\nWhen reconnecting a channel in smb2_reconnect_server(), a dummy tcon\nis passed down to smb2_reconnect() with -\u003equery_interface\nuninitialized, so we can\u0027t call queue_delayed_work() on it.\n\nFix the following warning by ensuring that we\u0027re queueing the delayed\nworker from correct tcon.\n\nWARNING: CPU: 4 PID: 1126 at kernel/workqueue.c:2498 __queue_delayed_work+0x1d2/0x200\nModules linked in: cifs cifs_arc4 nls_ucs2_utils cifs_md4 [last unloaded: cifs]\nCPU: 4 UID: 0 PID: 1126 Comm: kworker/4:0 Not tainted 6.16.0-rc3 #5 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-4.fc42 04/01/2014\nWorkqueue: cifsiod smb2_reconnect_server [cifs]\nRIP: 0010:__queue_delayed_work+0x1d2/0x200\nCode: 41 5e 41 5f e9 7f ee ff ff 90 0f 0b 90 e9 5d ff ff ff bf 02 00\n00 00 e8 6c f3 07 00 89 c3 eb bd 90 0f 0b 90 e9 57 f\u003e 0b 90 e9 65 fe\nff ff 90 0f 0b 90 e9 72 fe ff ff 90 0f 0b 90 e9\nRSP: 0018:ffffc900014afad8 EFLAGS: 00010003\nRAX: 0000000000000000 RBX: ffff888124d99988 RCX: ffffffff81399cc1\nRDX: dffffc0000000000 RSI: ffff888114326e00 RDI: ffff888124d999f0\nRBP: 000000000000ea60 R08: 0000000000000001 R09: ffffed10249b3331\nR10: ffff888124d9998f R11: 0000000000000004 R12: 0000000000000040\nR13: ffff888114326e00 R14: ffff888124d999d8 R15: ffff888114939020\nFS: 0000000000000000(0000) GS:ffff88829f7fe000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe7a2b4038 CR3: 0000000120a6f000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n queue_delayed_work_on+0xb4/0xc0\n smb2_reconnect+0xb22/0xf50 [cifs]\n smb2_reconnect_server+0x413/0xd40 [cifs]\n ? __pfx_smb2_reconnect_server+0x10/0x10 [cifs]\n ? local_clock_noinstr+0xd/0xd0\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n process_one_work+0x4c5/0xa10\n ? __pfx_process_one_work+0x10/0x10\n ? __list_add_valid_or_report+0x37/0x120\n worker_thread+0x2f1/0x5a0\n ? __kthread_parkme+0xde/0x100\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x1f0\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x15b/0x1f0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nirq event stamp: 1116206\nhardirqs last enabled at (1116205): [\u003cffffffff8143af42\u003e] __up_console_sem+0x52/0x60\nhardirqs last disabled at (1116206): [\u003cffffffff81399f0e\u003e] queue_delayed_work_on+0x6e/0xc0\nsoftirqs last enabled at (1116138): [\u003cffffffffc04562fd\u003e] __smb_send_rqst+0x42d/0x950 [cifs]\nsoftirqs last disabled at (1116136): [\u003cffffffff823d35e1\u003e] release_sock+0x21/0xf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38379",
"url": "https://www.suse.com/security/cve/CVE-2025-38379"
},
{
"category": "external",
"summary": "SUSE Bug 1247030 for CVE-2025-38379",
"url": "https://bugzilla.suse.com/1247030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-38379"
},
{
"cve": "CVE-2025-38539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Add down_write(trace_event_sem) when adding trace event\n\nWhen a module is loaded, it adds trace events defined by the module. It\nmay also need to modify the modules trace printk formats to replace enum\nnames with their values.\n\nIf two modules are loaded at the same time, the adding of the event to the\nftrace_events list can corrupt the walking of the list in the code that is\nmodifying the printk format strings and crash the kernel.\n\nThe addition of the event should take the trace_event_sem for write while\nit adds the new event.\n\nAlso add a lockdep_assert_held() on that semaphore in\n__trace_add_event_dirs() as it iterates the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38539",
"url": "https://www.suse.com/security/cve/CVE-2025-38539"
},
{
"category": "external",
"summary": "SUSE Bug 1248211 for CVE-2025-38539",
"url": "https://bugzilla.suse.com/1248211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-38539"
},
{
"cve": "CVE-2025-39689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Also allocate and copy hash for reading of filter files\n\nCurrently the reader of set_ftrace_filter and set_ftrace_notrace just adds\nthe pointer to the global tracer hash to its iterator. Unlike the writer\nthat allocates a copy of the hash, the reader keeps the pointer to the\nfilter hashes. This is problematic because this pointer is static across\nfunction calls that release the locks that can update the global tracer\nhashes. This can cause UAF and similar bugs.\n\nAllocate and copy the hash for reading the filter files like it is done\nfor the writers. This not only fixes UAF bugs, but also makes the code a\nbit simpler as it doesn\u0027t have to differentiate when to free the\niterator\u0027s hash between writers and readers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39689",
"url": "https://www.suse.com/security/cve/CVE-2025-39689"
},
{
"category": "external",
"summary": "SUSE Bug 1249307 for CVE-2025-39689",
"url": "https://bugzilla.suse.com/1249307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-39689"
},
{
"cve": "CVE-2025-39813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix potential warning in trace_printk_seq during ftrace_dump\n\nWhen calling ftrace_dump_one() concurrently with reading trace_pipe,\na WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race\ncondition.\n\nThe issue occurs because:\n\nCPU0 (ftrace_dump) CPU1 (reader)\necho z \u003e /proc/sysrq-trigger\n\n!trace_empty(\u0026iter)\ntrace_iterator_reset(\u0026iter) \u003c- len = size = 0\n cat /sys/kernel/tracing/trace_pipe\ntrace_find_next_entry_inc(\u0026iter)\n __find_next_entry\n ring_buffer_empty_cpu \u003c- all empty\n return NULL\n\ntrace_printk_seq(\u0026iter.seq)\n WARN_ON_ONCE(s-\u003eseq.len \u003e= s-\u003eseq.size)\n\nIn the context between trace_empty() and trace_find_next_entry_inc()\nduring ftrace_dump, the ring buffer data was consumed by other readers.\nThis caused trace_find_next_entry_inc to return NULL, failing to populate\n`iter.seq`. At this point, due to the prior trace_iterator_reset, both\n`iter.seq.len` and `iter.seq.size` were set to 0. Since they are equal,\nthe WARN_ON_ONCE condition is triggered.\n\nMove the trace_printk_seq() into the if block that checks to make sure the\nreturn value of trace_find_next_entry_inc() is non-NULL in\nftrace_dump_one(), ensuring the \u0027iter.seq\u0027 is properly populated before\nsubsequent operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39813",
"url": "https://www.suse.com/security/cve/CVE-2025-39813"
},
{
"category": "external",
"summary": "SUSE Bug 1250032 for CVE-2025-39813",
"url": "https://bugzilla.suse.com/1250032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-39813"
},
{
"cve": "CVE-2025-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntrace/fgraph: Fix the warning caused by missing unregister notifier\n\nThis warning was triggered during testing on v6.16:\n\nnotifier callback ftrace_suspend_notifier_call already registered\nWARNING: CPU: 2 PID: 86 at kernel/notifier.c:23 notifier_chain_register+0x44/0xb0\n...\nCall Trace:\n \u003cTASK\u003e\n blocking_notifier_chain_register+0x34/0x60\n register_ftrace_graph+0x330/0x410\n ftrace_profile_write+0x1e9/0x340\n vfs_write+0xf8/0x420\n ? filp_flush+0x8a/0xa0\n ? filp_close+0x1f/0x30\n ? do_dup2+0xaf/0x160\n ksys_write+0x65/0xe0\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nWhen writing to the function_profile_enabled interface, the notifier was\nnot unregistered after start_graph_tracing failed, causing a warning the\nnext time function_profile_enabled was written.\n\nFixed by adding unregister_pm_notifier in the exception path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39829",
"url": "https://www.suse.com/security/cve/CVE-2025-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1250082 for CVE-2025-39829",
"url": "https://bugzilla.suse.com/1250082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-39829"
},
{
"cve": "CVE-2025-39836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: stmm: Fix incorrect buffer allocation method\n\nThe communication buffer allocated by setup_mm_hdr() is later on passed\nto tee_shm_register_kernel_buf(). The latter expects those buffers to be\ncontiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause\nvarious corruptions or BUGs, specifically since commit 9aec2fb0fd5e\n(\"slab: allocate frozen pages\"), though it was broken before as well.\n\nFix this by using alloc_pages_exact() instead of kmalloc().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39836",
"url": "https://www.suse.com/security/cve/CVE-2025-39836"
},
{
"category": "external",
"summary": "SUSE Bug 1249904 for CVE-2025-39836",
"url": "https://bugzilla.suse.com/1249904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-39836"
},
{
"cve": "CVE-2025-39880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: fix invalid accesses to ceph_connection_v1_info\n\nThere is a place where generic code in messenger.c is reading and\nanother place where it is writing to con-\u003ev1 union member without\nchecking that the union member is active (i.e. msgr1 is in use).\n\nOn 64-bit systems, con-\u003ev1.auth_retry overlaps with con-\u003ev2.out_iter,\nso such a read is almost guaranteed to return a bogus value instead of\n0 when msgr2 is in use. This ends up being fairly benign because the\nside effect is just the invalidation of the authorizer and successive\nfetching of new tickets.\n\ncon-\u003ev1.connect_seq overlaps with con-\u003ev2.conn_bufs and the fact that\nit\u0027s being written to can cause more serious consequences, but luckily\nit\u0027s not something that happens often.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39880",
"url": "https://www.suse.com/security/cve/CVE-2025-39880"
},
{
"category": "external",
"summary": "SUSE Bug 1250388 for CVE-2025-39880",
"url": "https://bugzilla.suse.com/1250388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-39880"
},
{
"cve": "CVE-2025-39913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-\u003ecork.\n\nsyzbot reported the splat below. [0]\n\nThe repro does the following:\n\n 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(msg, cork_bytes)\n 2. Attach the prog to a SOCKMAP\n 3. Add a socket to the SOCKMAP\n 4. Activate fault injection\n 5. Send data less than cork_bytes\n\nAt 5., the data is carried over to the next sendmsg() as it is\nsmaller than the cork_bytes specified by bpf_msg_cork_bytes().\n\nThen, tcp_bpf_send_verdict() tries to allocate psock-\u003ecork to hold\nthe data, but this fails silently due to fault injection + __GFP_NOWARN.\n\nIf the allocation fails, we need to revert the sk-\u003esk_forward_alloc\nchange done by sk_msg_alloc().\n\nLet\u0027s call sk_msg_free() when tcp_bpf_send_verdict fails to allocate\npsock-\u003ecork.\n\nThe \"*copied\" also needs to be updated such that a proper error can\nbe returned to the caller, sendmsg. It fails to allocate psock-\u003ecork.\nNothing has been corked so far, so this patch simply sets \"*copied\"\nto 0.\n\n[0]:\nWARNING: net/ipv4/af_inet.c:156 at inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156, CPU#1: syz-executor/5983\nModules linked in:\nCPU: 1 UID: 0 PID: 5983 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156\nCode: 0f 0b 90 e9 62 fe ff ff e8 7a db b5 f7 90 0f 0b 90 e9 95 fe ff ff e8 6c db b5 f7 90 0f 0b 90 e9 bb fe ff ff e8 5e db b5 f7 90 \u003c0f\u003e 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc\nRSP: 0018:ffffc90000a08b48 EFLAGS: 00010246\nRAX: ffffffff8a09d0b2 RBX: dffffc0000000000 RCX: ffff888024a23c80\nRDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000\nRBP: 0000000000000fff R08: ffff88807e07c627 R09: 1ffff1100fc0f8c4\nR10: dffffc0000000000 R11: ffffed100fc0f8c5 R12: ffff88807e07c380\nR13: dffffc0000000000 R14: ffff88807e07c60c R15: 1ffff1100fc0f872\nFS: 00005555604c4500(0000) GS:ffff888125af1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555604df5c8 CR3: 0000000032b06000 CR4: 00000000003526f0\nCall Trace:\n \u003cIRQ\u003e\n __sk_destruct+0x86/0x660 net/core/sock.c:2339\n rcu_do_batch kernel/rcu/tree.c:2605 [inline]\n rcu_core+0xca8/0x1770 kernel/rcu/tree.c:2861\n handle_softirqs+0x286/0x870 kernel/softirq.c:579\n __do_softirq kernel/softirq.c:613 [inline]\n invoke_softirq kernel/softirq.c:453 [inline]\n __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:696\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1052\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39913",
"url": "https://www.suse.com/security/cve/CVE-2025-39913"
},
{
"category": "external",
"summary": "SUSE Bug 1250705 for CVE-2025-39913",
"url": "https://bugzilla.suse.com/1250705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-39913"
},
{
"cve": "CVE-2025-40097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix missing pointer check in hda_component_manager_init function\n\nThe __component_match_add function may assign the \u0027matchptr\u0027 pointer\nthe value ERR_PTR(-ENOMEM), which will subsequently be dereferenced.\n\nThe call stack leading to the error looks like this:\n\nhda_component_manager_init\n|-\u003e component_match_add\n |-\u003e component_match_add_release\n |-\u003e __component_match_add ( ... ,**matchptr, ... )\n |-\u003e *matchptr = ERR_PTR(-ENOMEM); // assign\n|-\u003e component_master_add_with_match( ... match)\n |-\u003e component_match_realloc(match, match-\u003enum); // dereference\n\nAdd IS_ERR() check to prevent the crash.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40097",
"url": "https://www.suse.com/security/cve/CVE-2025-40097"
},
{
"category": "external",
"summary": "SUSE Bug 1252900 for CVE-2025-40097",
"url": "https://bugzilla.suse.com/1252900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40097"
},
{
"cve": "CVE-2025-40106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: fix divide-by-zero in comedi_buf_munge()\n\nThe comedi_buf_munge() function performs a modulo operation\n`async-\u003emunge_chan %= async-\u003ecmd.chanlist_len` without first\nchecking if chanlist_len is zero. If a user program submits a command with\nchanlist_len set to zero, this causes a divide-by-zero error when the device\nprocesses data in the interrupt handler path.\n\nAdd a check for zero chanlist_len at the beginning of the\nfunction, similar to the existing checks for !map and\nCMDF_RAWDATA flag. When chanlist_len is zero, update\nmunge_count and return early, indicating the data was\nhandled without munging.\n\nThis prevents potential kernel panics from malformed user commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40106",
"url": "https://www.suse.com/security/cve/CVE-2025-40106"
},
{
"category": "external",
"summary": "SUSE Bug 1252891 for CVE-2025-40106",
"url": "https://bugzilla.suse.com/1252891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40106"
},
{
"cve": "CVE-2025-40132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40132"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback\n\nIn create_sdw_dailink() check that sof_end-\u003ecodec_info-\u003eadd_sidecar\nis not NULL before calling it.\n\nThe original code assumed that if include_sidecar is true, the codec\non that link has an add_sidecar callback. But there could be other\ncodecs on the same link that do not have an add_sidecar callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40132",
"url": "https://www.suse.com/security/cve/CVE-2025-40132"
},
{
"category": "external",
"summary": "SUSE Bug 1253330 for CVE-2025-40132",
"url": "https://bugzilla.suse.com/1253330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40132"
},
{
"cve": "CVE-2025-40136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - request reserved interrupt for virtual function\n\nThe device interrupt vector 3 is an error interrupt for\nphysical function and a reserved interrupt for virtual function.\nHowever, the driver has not registered the reserved interrupt for\nvirtual function. When allocating interrupts, the number of interrupts\nis allocated based on powers of two, which includes this interrupt.\nWhen the system enables GICv4 and the virtual function passthrough\nto the virtual machine, releasing the interrupt in the driver\ntriggers a warning.\n\nThe WARNING report is:\nWARNING: CPU: 62 PID: 14889 at arch/arm64/kvm/vgic/vgic-its.c:852 its_free_ite+0x94/0xb4\n\nTherefore, register a reserved interrupt for VF and set the\nIRQF_NO_AUTOEN flag to avoid that warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40136",
"url": "https://www.suse.com/security/cve/CVE-2025-40136"
},
{
"category": "external",
"summary": "SUSE Bug 1253340 for CVE-2025-40136",
"url": "https://bugzilla.suse.com/1253340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40136"
},
{
"cve": "CVE-2025-40142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT\n\nsnd_pcm_group_lock_irq() acquires a spinlock_t and disables interrupts\nvia spin_lock_irq(). This also implicitly disables the handling of\nsoftirqs such as TIMER_SOFTIRQ.\nOn PREEMPT_RT softirqs are preemptible and spin_lock_irq() does not\ndisable them. That means a timer can be invoked during spin_lock_irq()\non the same CPU. Due to synchronisations reasons local_bh_disable() has\na per-CPU lock named softirq_ctrl.lock which synchronizes individual\nsoftirq against each other.\nsyz-bot managed to trigger a lockdep report where softirq_ctrl.lock is\nacquired in hrtimer_cancel() in addition to hrtimer_run_softirq(). This\nis a possible deadlock.\n\nThe softirq_ctrl.lock can not be made part of spin_lock_irq() as this\nwould lead to too much synchronisation against individual threads on the\nsystem. To avoid the possible deadlock, softirqs must be manually\ndisabled before the lock is acquired.\n\nDisable softirqs before the lock is acquired on PREEMPT_RT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40142",
"url": "https://www.suse.com/security/cve/CVE-2025-40142"
},
{
"category": "external",
"summary": "SUSE Bug 1253348 for CVE-2025-40142",
"url": "https://bugzilla.suse.com/1253348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40142"
},
{
"cve": "CVE-2025-40166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40166"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/guc: Check GuC running state before deregistering exec queue\n\nIn normal operation, a registered exec queue is disabled and\nderegistered through the GuC, and freed only after the GuC confirms\ncompletion. However, if the driver is forced to unbind while the exec\nqueue is still running, the user may call exec_destroy() after the GuC\nhas already been stopped and CT communication disabled.\n\nIn this case, the driver cannot receive a response from the GuC,\npreventing proper cleanup of exec queue resources. Fix this by directly\nreleasing the resources when GuC is not running.\n\nHere is the failure dmesg log:\n\"\n[ 468.089581] ---[ end trace 0000000000000000 ]---\n[ 468.089608] pci 0000:03:00.0: [drm] *ERROR* GT0: GUC ID manager unclean (1/65535)\n[ 468.090558] pci 0000:03:00.0: [drm] GT0: total 65535\n[ 468.090562] pci 0000:03:00.0: [drm] GT0: used 1\n[ 468.090564] pci 0000:03:00.0: [drm] GT0: range 1..1 (1)\n[ 468.092716] ------------[ cut here ]------------\n[ 468.092719] WARNING: CPU: 14 PID: 4775 at drivers/gpu/drm/xe/xe_ttm_vram_mgr.c:298 ttm_vram_mgr_fini+0xf8/0x130 [xe]\n\"\n\nv2: use xe_uc_fw_is_running() instead of xe_guc_ct_enabled().\n As CT may go down and come back during VF migration.\n\n(cherry picked from commit 9b42321a02c50a12b2beb6ae9469606257fbecea)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40166",
"url": "https://www.suse.com/security/cve/CVE-2025-40166"
},
{
"category": "external",
"summary": "SUSE Bug 1253433 for CVE-2025-40166",
"url": "https://bugzilla.suse.com/1253433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40166"
},
{
"cve": "CVE-2025-40177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix bootlog initialization ordering\n\nAs soon as we queue MHI buffers to receive the bootlog from the device,\nwe could be receiving data. Therefore all the resources needed to\nprocess that data need to be setup prior to queuing the buffers.\n\nWe currently initialize some of the resources after queuing the buffers\nwhich creates a race between the probe() and any data that comes back\nfrom the device. If the uninitialized resources are accessed, we could\nsee page faults.\n\nFix the init ordering to close the race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40177",
"url": "https://www.suse.com/security/cve/CVE-2025-40177"
},
{
"category": "external",
"summary": "SUSE Bug 1253443 for CVE-2025-40177",
"url": "https://bugzilla.suse.com/1253443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40177"
},
{
"cve": "CVE-2025-40181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP\n\nWhen running as an SNP or TDX guest under KVM, force the legacy PCI hole,\ni.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC\nvia a forced variable MTRR range.\n\nIn most KVM-based setups, legacy devices such as the HPET and TPM are\nenumerated via ACPI. ACPI enumeration includes a Memory32Fixed entry, and\noptionally a SystemMemory descriptor for an OperationRegion, e.g. if the\ndevice needs to be accessed via a Control Method.\n\nIf a SystemMemory entry is present, then the kernel\u0027s ACPI driver will\nauto-ioremap the region so that it can be accessed at will. However, the\nACPI spec doesn\u0027t provide a way to enumerate the memory type of\nSystemMemory regions, i.e. there\u0027s no way to tell software that a region\nmust be mapped as UC vs. WB, etc. As a result, Linux\u0027s ACPI driver always\nmaps SystemMemory regions using ioremap_cache(), i.e. as WB on x86.\n\nThe dedicated device drivers however, e.g. the HPET driver and TPM driver,\nwant to map their associated memory as UC or WC, as accessing PCI devices\nusing WB is unsupported.\n\nOn bare metal and non-CoCO, the conflicting requirements \"work\" as firmware\nconfigures the PCI hole (and other device memory) to be UC in the MTRRs.\nSo even though the ACPI mappings request WB, they are forced to UC- in the\nkernel\u0027s tracking due to the kernel properly handling the MTRR overrides,\nand thus are compatible with the drivers\u0027 requested WC/UC-.\n\nWith force WB MTRRs on SNP and TDX guests, the ACPI mappings get their\nrequested WB if the ACPI mappings are established before the dedicated\ndriver code attempts to initialize the device. E.g. if acpi_init()\nruns before the corresponding device driver is probed, ACPI\u0027s WB mapping\nwill \"win\", and result in the driver\u0027s ioremap() failing because the\nexisting WB mapping isn\u0027t compatible with the requested WC/UC-.\n\nE.g. when a TPM is emulated by the hypervisor (ignoring the security\nimplications of relying on what is allegedly an untrusted entity to store\nmeasurements), the TPM driver will request UC and fail:\n\n [ 1.730459] ioremap error for 0xfed40000-0xfed45000, requested 0x2, got 0x0\n [ 1.732780] tpm_tis MSFT0101:00: probe with driver tpm_tis failed with error -12\n\nNote, the \u00270x2\u0027 and \u00270x0\u0027 values refer to \"enum page_cache_mode\", not x86\u0027s\nmemtypes (which frustratingly are an almost pure inversion; 2 == WB, 0 == UC).\nE.g. tracing mapping requests for TPM TIS yields:\n\n Mapping TPM TIS with req_type = 0\n WARNING: CPU: 22 PID: 1 at arch/x86/mm/pat/memtype.c:530 memtype_reserve+0x2ab/0x460\n Modules linked in:\n CPU: 22 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W 6.16.0-rc7+ #2 VOLUNTARY\n Tainted: [W]=WARN\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/29/2025\n RIP: 0010:memtype_reserve+0x2ab/0x460\n __ioremap_caller+0x16d/0x3d0\n ioremap_cache+0x17/0x30\n x86_acpi_os_ioremap+0xe/0x20\n acpi_os_map_iomem+0x1f3/0x240\n acpi_os_map_memory+0xe/0x20\n acpi_ex_system_memory_space_handler+0x273/0x440\n acpi_ev_address_space_dispatch+0x176/0x4c0\n acpi_ex_access_region+0x2ad/0x530\n acpi_ex_field_datum_io+0xa2/0x4f0\n acpi_ex_extract_from_field+0x296/0x3e0\n acpi_ex_read_data_from_field+0xd1/0x460\n acpi_ex_resolve_node_to_value+0x2ee/0x530\n acpi_ex_resolve_to_value+0x1f2/0x540\n acpi_ds_evaluate_name_path+0x11b/0x190\n acpi_ds_exec_end_op+0x456/0x960\n acpi_ps_parse_loop+0x27a/0xa50\n acpi_ps_parse_aml+0x226/0x600\n acpi_ps_execute_method+0x172/0x3e0\n acpi_ns_evaluate+0x175/0x5f0\n acpi_evaluate_object+0x213/0x490\n acpi_evaluate_integer+0x6d/0x140\n acpi_bus_get_status+0x93/0x150\n acpi_add_single_object+0x43a/0x7c0\n acpi_bus_check_add+0x149/0x3a0\n acpi_bus_check_add_1+0x16/0x30\n acpi_ns_walk_namespace+0x22c/0x360\n acpi_walk_namespace+0x15c/0x170\n acpi_bus_scan+0x1dd/0x200\n acpi_scan_init+0xe5/0x2b0\n acpi_init+0x264/0x5b0\n do_one_i\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40181",
"url": "https://www.suse.com/security/cve/CVE-2025-40181"
},
{
"category": "external",
"summary": "SUSE Bug 1253471 for CVE-2025-40181",
"url": "https://bugzilla.suse.com/1253471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40181"
},
{
"cve": "CVE-2025-40202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: Rework user message limit handling\n\nThe limit on the number of user messages had a number of issues,\nimproper counting in some cases and a use after free.\n\nRestructure how this is all done to handle more in the receive message\nallocation routine, so all refcouting and user message limit counts\nare done in that routine. It\u0027s a lot cleaner and safer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40202",
"url": "https://www.suse.com/security/cve/CVE-2025-40202"
},
{
"category": "external",
"summary": "SUSE Bug 1253451 for CVE-2025-40202",
"url": "https://bugzilla.suse.com/1253451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40202"
},
{
"cve": "CVE-2025-40238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix IPsec cleanup over MPV device\n\nWhen we do mlx5e_detach_netdev() we eventually disable blocking events\nnotifier, among those events are IPsec MPV events from IB to core.\n\nSo before disabling those blocking events, make sure to also unregister\nthe devcom device and mark all this device operations as complete,\nin order to prevent the other device from using invalid netdev\nduring future devcom events which could cause the trace below.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nPGD 146427067 P4D 146427067 PUD 146488067 PMD 0\nOops: Oops: 0000 [#1] SMP\nCPU: 1 UID: 0 PID: 7735 Comm: devlink Tainted: GW 6.12.0-rc6_for_upstream_min_debug_2024_11_08_00_46 #1\nTainted: [W]=WARN\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:mlx5_devcom_comp_set_ready+0x5/0x40 [mlx5_core]\nCode: 00 01 48 83 05 23 32 1e 00 01 41 b8 ed ff ff ff e9 60 ff ff ff 48 83 05 00 32 1e 00 01 eb e3 66 0f 1f 44 00 00 0f 1f 44 00 00 \u003c48\u003e 8b 47 10 48 83 05 5f 32 1e 00 01 48 8b 50 40 48 85 d2 74 05 40\nRSP: 0018:ffff88811a5c35f8 EFLAGS: 00010206\nRAX: ffff888106e8ab80 RBX: ffff888107d7e200 RCX: ffff88810d6f0a00\nRDX: ffff88810d6f0a00 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffff88811a17e620 R08: 0000000000000040 R09: 0000000000000000\nR10: ffff88811a5c3618 R11: 0000000de85d51bd R12: ffff88811a17e600\nR13: ffff88810d6f0a00 R14: 0000000000000000 R15: ffff8881034bda80\nFS: 00007f27bdf89180(0000) GS:ffff88852c880000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000010 CR3: 000000010f159005 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_devcom_comp_set_ready+0x5/0x40 [mlx5_core]\n mlx5e_devcom_event_mpv+0x42/0x60 [mlx5_core]\n mlx5_devcom_send_event+0x8c/0x170 [mlx5_core]\n blocking_event+0x17b/0x230 [mlx5_core]\n notifier_call_chain+0x35/0xa0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_mp_event_replay+0x12/0x20 [mlx5_core]\n mlx5_ib_bind_slave_port+0x228/0x2c0 [mlx5_ib]\n mlx5_ib_stage_init_init+0x664/0x9d0 [mlx5_ib]\n ? idr_alloc_cyclic+0x50/0xb0\n ? __kmalloc_cache_noprof+0x167/0x340\n ? __kmalloc_noprof+0x1a7/0x430\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe9/0x310 [mlx5_ib]\n ? kernfs_add_one+0x107/0x150\n ? __mlx5_ib_add+0xd0/0xd0 [mlx5_ib]\n auxiliary_bus_probe+0x3e/0x90\n really_probe+0xc5/0x3a0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x62d/0x830\n __auxiliary_device_add+0x3b/0xa0\n ? auxiliary_device_init+0x41/0x90\n add_adev+0xd1/0x150 [mlx5_core]\n mlx5_rescan_drivers_locked+0x21c/0x300 [mlx5_core]\n esw_mode_change+0x6c/0xc0 [mlx5_core]\n mlx5_devlink_eswitch_mode_set+0x21e/0x640 [mlx5_core]\n devlink_nl_eswitch_set_doit+0x60/0xe0\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x180/0x2b0\n ? devlink_get_from_attrs_lock+0x170/0x170\n ? devlink_nl_eswitch_get_doit+0x290/0x290\n ? devlink_nl_pre_doit_port_optional+0x50/0x50\n ? genl_family_rcv_msg_dumpit+0xf0/0xf0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1fc/0x2d0\n netlink_sendmsg+0x1e4/0x410\n __sock_sendmsg+0x38/0x60\n ? sockfd_lookup_light+0x12/0x60\n __sys_sendto+0x105/0x160\n ? __sys_recvmsg+0x4e/0x90\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f27bc91b13a\nCode: bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 8b 05 fa 96 2c 00 45 89 c9 4c 63 d1 48 63 ff 85 c0 75 15 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40238",
"url": "https://www.suse.com/security/cve/CVE-2025-40238"
},
{
"category": "external",
"summary": "SUSE Bug 1254871 for CVE-2025-40238",
"url": "https://bugzilla.suse.com/1254871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40238"
},
{
"cve": "CVE-2025-40254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: remove never-working support for setting nsh fields\n\nThe validation of the set(nsh(...)) action is completely wrong.\nIt runs through the nsh_key_put_from_nlattr() function that is the\nsame function that validates NSH keys for the flow match and the\npush_nsh() action. However, the set(nsh(...)) has a very different\nmemory layout. Nested attributes in there are doubled in size in\ncase of the masked set(). That makes proper validation impossible.\n\nThere is also confusion in the code between the \u0027masked\u0027 flag, that\nsays that the nested attributes are doubled in size containing both\nthe value and the mask, and the \u0027is_mask\u0027 that says that the value\nwe\u0027re parsing is the mask. This is causing kernel crash on trying to\nwrite into mask part of the match with SW_FLOW_KEY_PUT() during\nvalidation, while validate_nsh() doesn\u0027t allocate any memory for it:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 1c2383067 P4D 1c2383067 PUD 20b703067 PMD 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 8 UID: 0 Kdump: loaded Not tainted 6.17.0-rc4+ #107 PREEMPT(voluntary)\n RIP: 0010:nsh_key_put_from_nlattr+0x19d/0x610 [openvswitch]\n Call Trace:\n \u003cTASK\u003e\n validate_nsh+0x60/0x90 [openvswitch]\n validate_set.constprop.0+0x270/0x3c0 [openvswitch]\n __ovs_nla_copy_actions+0x477/0x860 [openvswitch]\n ovs_nla_copy_actions+0x8d/0x100 [openvswitch]\n ovs_packet_cmd_execute+0x1cc/0x310 [openvswitch]\n genl_family_rcv_msg_doit+0xdb/0x130\n genl_family_rcv_msg+0x14b/0x220\n genl_rcv_msg+0x47/0xa0\n netlink_rcv_skb+0x53/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x280/0x3b0\n netlink_sendmsg+0x1f7/0x430\n ____sys_sendmsg+0x36b/0x3a0\n ___sys_sendmsg+0x87/0xd0\n __sys_sendmsg+0x6d/0xd0\n do_syscall_64+0x7b/0x2c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe third issue with this process is that while trying to convert\nthe non-masked set into masked one, validate_set() copies and doubles\nthe size of the OVS_KEY_ATTR_NSH as if it didn\u0027t have any nested\nattributes. It should be copying each nested attribute and doubling\nthem in size independently. And the process must be properly reversed\nduring the conversion back from masked to a non-masked variant during\nthe flow dump.\n\nIn the end, the only two outcomes of trying to use this action are\neither validation failure or a kernel crash. And if somehow someone\nmanages to install a flow with such an action, it will most definitely\nnot do what it is supposed to, since all the keys and the masks are\nmixed up.\n\nFixing all the issues is a complex task as it requires re-writing\nmost of the validation code.\n\nGiven that and the fact that this functionality never worked since\nintroduction, let\u0027s just remove it altogether. It\u0027s better to\nre-introduce it later with a proper implementation instead of trying\nto fix it in stable releases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40254",
"url": "https://www.suse.com/security/cve/CVE-2025-40254"
},
{
"category": "external",
"summary": "SUSE Bug 1254852 for CVE-2025-40254",
"url": "https://bugzilla.suse.com/1254852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40254"
},
{
"cve": "CVE-2025-40257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40257"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix a race in mptcp_pm_del_add_timer()\n\nmptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, \u0026entry-\u003eadd_timer)\nwhile another might have free entry already, as reported by syzbot.\n\nAdd RCU protection to fix this issue.\n\nAlso change confusing add_timer variable with stop_timer boolean.\n\nsyzbot report:\n\nBUG: KASAN: slab-use-after-free in __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616\nRead of size 4 at addr ffff8880311e4150 by task kworker/1:1/44\n\nCPU: 1 UID: 0 PID: 44 Comm: kworker/1:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)}\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025\nWorkqueue: events mptcp_worker\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616\n sk_stop_timer_sync+0x1b/0x90 net/core/sock.c:3631\n mptcp_pm_del_add_timer+0x283/0x310 net/mptcp/pm.c:362\n mptcp_incoming_options+0x1357/0x1f60 net/mptcp/options.c:1174\n tcp_data_queue+0xca/0x6450 net/ipv4/tcp_input.c:5361\n tcp_rcv_established+0x1335/0x2670 net/ipv4/tcp_input.c:6441\n tcp_v4_do_rcv+0x98b/0xbf0 net/ipv4/tcp_ipv4.c:1931\n tcp_v4_rcv+0x252a/0x2dc0 net/ipv4/tcp_ipv4.c:2374\n ip_protocol_deliver_rcu+0x221/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x3bb/0x6f0 net/ipv4/ip_input.c:239\n NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\n NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\n __netif_receive_skb_one_core net/core/dev.c:6079 [inline]\n __netif_receive_skb+0x143/0x380 net/core/dev.c:6192\n process_backlog+0x31e/0x900 net/core/dev.c:6544\n __napi_poll+0xb6/0x540 net/core/dev.c:7594\n napi_poll net/core/dev.c:7657 [inline]\n net_rx_action+0x5f7/0xda0 net/core/dev.c:7784\n handle_softirqs+0x22f/0x710 kernel/softirq.c:622\n __do_softirq kernel/softirq.c:656 [inline]\n __local_bh_enable_ip+0x1a0/0x2e0 kernel/softirq.c:302\n mptcp_pm_send_ack net/mptcp/pm.c:210 [inline]\n mptcp_pm_addr_send_ack+0x41f/0x500 net/mptcp/pm.c:-1\n mptcp_pm_worker+0x174/0x320 net/mptcp/pm.c:1002\n mptcp_worker+0xd5/0x1170 net/mptcp/protocol.c:2762\n process_one_work kernel/workqueue.c:3263 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nAllocated by task 44:\n kasan_save_stack mm/kasan/common.c:56 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:77\n poison_kmalloc_redzone mm/kasan/common.c:400 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:417\n kasan_kmalloc include/linux/kasan.h:262 [inline]\n __kmalloc_cache_noprof+0x1ef/0x6c0 mm/slub.c:5748\n kmalloc_noprof include/linux/slab.h:957 [inline]\n mptcp_pm_alloc_anno_list+0x104/0x460 net/mptcp/pm.c:385\n mptcp_pm_create_subflow_or_signal_addr+0xf9d/0x1360 net/mptcp/pm_kernel.c:355\n mptcp_pm_nl_fully_established net/mptcp/pm_kernel.c:409 [inline]\n __mptcp_pm_kernel_worker+0x417/0x1ef0 net/mptcp/pm_kernel.c:1529\n mptcp_pm_worker+0x1ee/0x320 net/mptcp/pm.c:1008\n mptcp_worker+0xd5/0x1170 net/mptcp/protocol.c:2762\n process_one_work kernel/workqueue.c:3263 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n\nFreed by task 6630:\n kasan_save_stack mm/kasan/common.c:56 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:77\n __kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:587\n kasan_save_free_info mm/kasan/kasan.h:406 [inline]\n poison_slab_object m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40257",
"url": "https://www.suse.com/security/cve/CVE-2025-40257"
},
{
"category": "external",
"summary": "SUSE Bug 1254842 for CVE-2025-40257",
"url": "https://bugzilla.suse.com/1254842"
},
{
"category": "external",
"summary": "SUSE Bug 1257242 for CVE-2025-40257",
"url": "https://bugzilla.suse.com/1257242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-40257"
},
{
"cve": "CVE-2025-40259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Do not sleep in atomic context\n\nsg_finish_rem_req() calls blk_rq_unmap_user(). The latter function may\nsleep. Hence, call sg_finish_rem_req() with interrupts enabled instead\nof disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40259",
"url": "https://www.suse.com/security/cve/CVE-2025-40259"
},
{
"category": "external",
"summary": "SUSE Bug 1254845 for CVE-2025-40259",
"url": "https://bugzilla.suse.com/1254845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40259"
},
{
"cve": "CVE-2025-40261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: nvme-fc: Ensure -\u003eioerr_work is cancelled in nvme_fc_delete_ctrl()\n\nnvme_fc_delete_assocation() waits for pending I/O to complete before\nreturning, and an error can cause -\u003eioerr_work to be queued after\ncancel_work_sync() had been called. Move the call to cancel_work_sync() to\nbe after nvme_fc_delete_association() to ensure -\u003eioerr_work is not running\nwhen the nvme_fc_ctrl object is freed. Otherwise the following can occur:\n\n[ 1135.911754] list_del corruption, ff2d24c8093f31f8-\u003enext is NULL\n[ 1135.917705] ------------[ cut here ]------------\n[ 1135.922336] kernel BUG at lib/list_debug.c:52!\n[ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary)\n[ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025\n[ 1135.950969] Workqueue: 0x0 (nvme-wq)\n[ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff \u003c0f\u003e 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b\n[ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046\n[ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000\n[ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0\n[ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08\n[ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100\n[ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0\n[ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000\n[ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0\n[ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 1136.055910] PKRU: 55555554\n[ 1136.058623] Call Trace:\n[ 1136.061074] \u003cTASK\u003e\n[ 1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.071898] ? move_linked_works+0x4a/0xa0\n[ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.081744] ? __die_body.cold+0x8/0x12\n[ 1136.085584] ? die+0x2e/0x50\n[ 1136.088469] ? do_trap+0xca/0x110\n[ 1136.091789] ? do_error_trap+0x65/0x80\n[ 1136.095543] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.101289] ? exc_invalid_op+0x50/0x70\n[ 1136.105127] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20\n[ 1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.120806] move_linked_works+0x4a/0xa0\n[ 1136.124733] worker_thread+0x216/0x3a0\n[ 1136.128485] ? __pfx_worker_thread+0x10/0x10\n[ 1136.132758] kthread+0xfa/0x240\n[ 1136.135904] ? __pfx_kthread+0x10/0x10\n[ 1136.139657] ret_from_fork+0x31/0x50\n[ 1136.143236] ? __pfx_kthread+0x10/0x10\n[ 1136.146988] ret_from_fork_asm+0x1a/0x30\n[ 1136.150915] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40261",
"url": "https://www.suse.com/security/cve/CVE-2025-40261"
},
{
"category": "external",
"summary": "SUSE Bug 1254839 for CVE-2025-40261",
"url": "https://bugzilla.suse.com/1254839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40261"
},
{
"cve": "CVE-2025-40264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: pass wrb_params in case of OS2BMC\n\nbe_insert_vlan_in_pkt() is called with the wrb_params argument being NULL\nat be_send_pkt_to_bmc() call site. This may lead to dereferencing a NULL\npointer when processing a workaround for specific packet, as commit\nbc0c3405abbb (\"be2net: fix a Tx stall bug caused by a specific ipv6\npacket\") states.\n\nThe correct way would be to pass the wrb_params from be_xmit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40264",
"url": "https://www.suse.com/security/cve/CVE-2025-40264"
},
{
"category": "external",
"summary": "SUSE Bug 1254835 for CVE-2025-40264",
"url": "https://bugzilla.suse.com/1254835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40264"
},
{
"cve": "CVE-2025-40328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_close_cached_fid()\n\nfind_or_create_cached_dir() could grab a new reference after kref_put()\nhad seen the refcount drop to zero but before cfid_list_lock is acquired\nin smb2_close_cached_fid(), leading to use-after-free.\n\nSwitch to kref_put_lock() so cfid_release() is called with\ncfid_list_lock held, closing that gap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40328",
"url": "https://www.suse.com/security/cve/CVE-2025-40328"
},
{
"category": "external",
"summary": "SUSE Bug 1254624 for CVE-2025-40328",
"url": "https://bugzilla.suse.com/1254624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40328"
},
{
"cve": "CVE-2025-40350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40350"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ\n\nXDP programs can change the layout of an xdp_buff through\nbpf_xdp_adjust_tail() and bpf_xdp_adjust_head(). Therefore, the driver\ncannot assume the size of the linear data area nor fragments. Fix the\nbug in mlx5 by generating skb according to xdp_buff after XDP programs\nrun.\n\nCurrently, when handling multi-buf XDP, the mlx5 driver assumes the\nlayout of an xdp_buff to be unchanged. That is, the linear data area\ncontinues to be empty and fragments remain the same. This may cause\nthe driver to generate erroneous skb or triggering a kernel\nwarning. When an XDP program added linear data through\nbpf_xdp_adjust_head(), the linear data will be ignored as\nmlx5e_build_linear_skb() builds an skb without linear data and then\npull data from fragments to fill the linear data area. When an XDP\nprogram has shrunk the non-linear data through bpf_xdp_adjust_tail(),\nthe delta passed to __pskb_pull_tail() may exceed the actual nonlinear\ndata size and trigger the BUG_ON in it.\n\nTo fix the issue, first record the original number of fragments. If the\nnumber of fragments changes after the XDP program runs, rewind the end\nfragment pointer by the difference and recalculate the truesize. Then,\nbuild the skb with the linear data area matching the xdp_buff. Finally,\nonly pull data in if there is non-linear data and fill the linear part\nup to 256 bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40350",
"url": "https://www.suse.com/security/cve/CVE-2025-40350"
},
{
"category": "external",
"summary": "SUSE Bug 1255260 for CVE-2025-40350",
"url": "https://bugzilla.suse.com/1255260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40350"
},
{
"cve": "CVE-2025-40355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40355"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysfs: check visibility before changing group attribute ownership\n\nSince commit 0c17270f9b92 (\"net: sysfs: Implement is_visible for\nphys_(port_id, port_name, switch_id)\"), __dev_change_net_namespace() can\nhit WARN_ON() when trying to change owner of a file that isn\u0027t visible.\nSee the trace below:\n\n WARNING: CPU: 6 PID: 2938 at net/core/dev.c:12410 __dev_change_net_namespace+0xb89/0xc30\n CPU: 6 UID: 0 PID: 2938 Comm: incusd Not tainted 6.17.1-1-mainline #1 PREEMPT(full) 4b783b4a638669fb644857f484487d17cb45ed1f\n Hardware name: Framework Laptop 13 (AMD Ryzen 7040Series)/FRANMDCP07, BIOS 03.07 02/19/2025\n RIP: 0010:__dev_change_net_namespace+0xb89/0xc30\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? if6_seq_show+0x30/0x50\n do_setlink.isra.0+0xc7/0x1270\n ? __nla_validate_parse+0x5c/0xcc0\n ? security_capable+0x94/0x1a0\n rtnl_newlink+0x858/0xc20\n ? update_curr+0x8e/0x1c0\n ? update_entity_lag+0x71/0x80\n ? sched_balance_newidle+0x358/0x450\n ? psi_task_switch+0x113/0x2a0\n ? __pfx_rtnl_newlink+0x10/0x10\n rtnetlink_rcv_msg+0x346/0x3e0\n ? sched_clock+0x10/0x30\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x59/0x110\n netlink_unicast+0x285/0x3c0\n ? __alloc_skb+0xdb/0x1a0\n netlink_sendmsg+0x20d/0x430\n ____sys_sendmsg+0x39f/0x3d0\n ? import_iovec+0x2f/0x40\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x81/0x970\n ? __sys_bind+0xe3/0x110\n ? syscall_exit_work+0x143/0x1b0\n ? do_syscall_64+0x244/0x970\n ? sock_alloc_file+0x63/0xc0\n ? syscall_exit_work+0x143/0x1b0\n ? do_syscall_64+0x244/0x970\n ? alloc_fd+0x12e/0x190\n ? put_unused_fd+0x2a/0x70\n ? do_sys_openat2+0xa2/0xe0\n ? syscall_exit_work+0x143/0x1b0\n ? do_syscall_64+0x244/0x970\n ? exc_page_fault+0x7e/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n\nFix this by checking is_visible() before trying to touch the attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40355",
"url": "https://www.suse.com/security/cve/CVE-2025-40355"
},
{
"category": "external",
"summary": "SUSE Bug 1255261 for CVE-2025-40355",
"url": "https://bugzilla.suse.com/1255261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-40355"
},
{
"cve": "CVE-2025-40363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40363"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix field-spanning memcpy warning in AH output\n\nFix field-spanning memcpy warnings in ah6_output() and\nah6_output_done() where extension headers are copied to/from IPv6\naddress fields, triggering fortify-string warnings about writes beyond\nthe 16-byte address fields.\n\n memcpy: detected field-spanning write (size 40) of single field \"\u0026top_iph-\u003esaddr\" at net/ipv6/ah6.c:439 (size 16)\n WARNING: CPU: 0 PID: 8838 at net/ipv6/ah6.c:439 ah6_output+0xe7e/0x14e0 net/ipv6/ah6.c:439\n\nThe warnings are false positives as the extension headers are\nintentionally placed after the IPv6 header in memory. Fix by properly\ncopying addresses and extension headers separately, and introduce\nhelper functions to avoid code duplication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40363",
"url": "https://www.suse.com/security/cve/CVE-2025-40363"
},
{
"category": "external",
"summary": "SUSE Bug 1255102 for CVE-2025-40363",
"url": "https://bugzilla.suse.com/1255102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "low"
}
],
"title": "CVE-2025-40363"
},
{
"cve": "CVE-2025-68171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Ensure XFD state on signal delivery\n\nSean reported [1] the following splat when running KVM tests:\n\n WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70\n Call Trace:\n \u003cTASK\u003e\n fpu__clear_user_states+0x9c/0x100\n arch_do_signal_or_restart+0x142/0x210\n exit_to_user_mode_loop+0x55/0x100\n do_syscall_64+0x205/0x2c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nChao further identified [2] a reproducible scenario involving signal\ndelivery: a non-AMX task is preempted by an AMX-enabled task which\nmodifies the XFD MSR.\n\nWhen the non-AMX task resumes and reloads XSTATE with init values,\na warning is triggered due to a mismatch between fpstate::xfd and the\nCPU\u0027s current XFD state. fpu__clear_user_states() does not currently\nre-synchronize the XFD state after such preemption.\n\nInvoke xfd_update_state() which detects and corrects the mismatch if\nthere is a dynamic feature.\n\nThis also benefits the sigreturn path, as fpu__restore_sig() may call\nfpu__clear_user_states() when the sigframe is inaccessible.\n\n[ dhansen: minor changelog munging ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68171",
"url": "https://www.suse.com/security/cve/CVE-2025-68171"
},
{
"category": "external",
"summary": "SUSE Bug 1255255 for CVE-2025-68171",
"url": "https://bugzilla.suse.com/1255255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68171"
},
{
"cve": "CVE-2025-68174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68174"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: enhance kfd process check in switch partition\n\ncurrent switch partition only check if kfd_processes_table is empty.\nkfd_prcesses_table entry is deleted in kfd_process_notifier_release, but\nkfd_process tear down is in kfd_process_wq_release.\n\nconsider two processes:\n\nProcess A (workqueue) -\u003e kfd_process_wq_release -\u003e Access kfd_node member\nProcess B switch partition -\u003e amdgpu_xcp_pre_partition_switch -\u003e amdgpu_amdkfd_device_fini_sw\n-\u003e kfd_node tear down.\n\nProcess A and B may trigger a race as shown in dmesg log.\n\nThis patch is to resolve the race by adding an atomic kfd_process counter\nkfd_processes_count, it increment as create kfd process, decrement as\nfinish kfd_process_wq_release.\n\nv2: Put kfd_processes_count per kfd_dev, move decrement to kfd_process_destroy_pdds\nand bug fix. (Philip Yang)\n\n[3966658.307702] divide error: 0000 [#1] SMP NOPTI\n[3966658.350818] i10nm_edac\n[3966658.356318] CPU: 124 PID: 38435 Comm: kworker/124:0 Kdump: loaded Tainted\n[3966658.356890] Workqueue: kfd_process_wq kfd_process_wq_release [amdgpu]\n[3966658.362839] nfit\n[3966658.366457] RIP: 0010:kfd_get_num_sdma_engines+0x17/0x40 [amdgpu]\n[3966658.366460] Code: 00 00 e9 ac 81 02 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 0f 1f 44 00 00 48 8b 4f 08 48 8b b7 00 01 00 00 8b 81 58 26 03 00 99 \u003cf7\u003e be b8 01 00 00 80 b9 70 2e 00 00 00 74 0b 83 f8 02 ba 02 00 00\n[3966658.380967] x86_pkg_temp_thermal\n[3966658.391529] RSP: 0018:ffffc900a0edfdd8 EFLAGS: 00010246\n[3966658.391531] RAX: 0000000000000008 RBX: ffff8974e593b800 RCX: ffff888645900000\n[3966658.391531] RDX: 0000000000000000 RSI: ffff888129154400 RDI: ffff888129151c00\n[3966658.391532] RBP: ffff8883ad79d400 R08: 0000000000000000 R09: ffff8890d2750af4\n[3966658.391532] R10: 0000000000000018 R11: 0000000000000018 R12: 0000000000000000\n[3966658.391533] R13: ffff8883ad79d400 R14: ffffe87ff662ba00 R15: ffff8974e593b800\n[3966658.391533] FS: 0000000000000000(0000) GS:ffff88fe7f600000(0000) knlGS:0000000000000000\n[3966658.391534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[3966658.391534] CR2: 0000000000d71000 CR3: 000000dd0e970004 CR4: 0000000002770ee0\n[3966658.391535] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[3966658.391535] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[3966658.391536] PKRU: 55555554\n[3966658.391536] Call Trace:\n[3966658.391674] deallocate_sdma_queue+0x38/0xa0 [amdgpu]\n[3966658.391762] process_termination_cpsch+0x1ed/0x480 [amdgpu]\n[3966658.399754] intel_powerclamp\n[3966658.402831] kfd_process_dequeue_from_all_devices+0x5b/0xc0 [amdgpu]\n[3966658.402908] kfd_process_wq_release+0x1a/0x1a0 [amdgpu]\n[3966658.410516] coretemp\n[3966658.434016] process_one_work+0x1ad/0x380\n[3966658.434021] worker_thread+0x49/0x310\n[3966658.438963] kvm_intel\n[3966658.446041] ? process_one_work+0x380/0x380\n[3966658.446045] kthread+0x118/0x140\n[3966658.446047] ? __kthread_bind_mask+0x60/0x60\n[3966658.446050] ret_from_fork+0x1f/0x30\n[3966658.446053] Modules linked in: kpatch_20765354(OEK)\n[3966658.455310] kvm\n[3966658.464534] mptcp_diag xsk_diag raw_diag unix_diag af_packet_diag netlink_diag udp_diag act_pedit act_mirred act_vlan cls_flower kpatch_21951273(OEK) kpatch_18424469(OEK) kpatch_19749756(OEK)\n[3966658.473462] idxd_mdev\n[3966658.482306] kpatch_17971294(OEK) sch_ingress xt_conntrack amdgpu(OE) amdxcp(OE) amddrm_buddy(OE) amd_sched(OE) amdttm(OE) amdkcl(OE) intel_ifs iptable_mangle tcm_loop target_core_pscsi tcp_diag target_core_file inet_diag target_core_iblock target_core_user target_core_mod coldpgs kpatch_18383292(OEK) ip6table_nat ip6table_filter ip6_tables ip_set_hash_ipportip ip_set_hash_ipportnet ip_set_hash_ipport ip_set_bitmap_port xt_comment iptable_nat nf_nat iptable_filter ip_tables ip_set ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 sn_core_odd(OE) i40e overlay binfmt_misc tun bonding(OE) aisqos(OE) aisqo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68174",
"url": "https://www.suse.com/security/cve/CVE-2025-68174"
},
{
"category": "external",
"summary": "SUSE Bug 1255327 for CVE-2025-68174",
"url": "https://bugzilla.suse.com/1255327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68174"
},
{
"cve": "CVE-2025-68178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix possible deadlock while configuring policy\n\nFollowing deadlock can be triggered easily by lockdep:\n\nWARNING: possible circular locking dependency detected\n6.17.0-rc3-00124-ga12c2658ced0 #1665 Not tainted\n------------------------------------------------------\ncheck/1334 is trying to acquire lock:\nff1100011d9d0678 (\u0026q-\u003esysfs_lock){+.+.}-{4:4}, at: blk_unregister_queue+0x53/0x180\n\nbut task is already holding lock:\nff1100011d9d00e0 (\u0026q-\u003eq_usage_counter(queue)#3){++++}-{0:0}, at: del_gendisk+0xba/0x110\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #2 (\u0026q-\u003eq_usage_counter(queue)#3){++++}-{0:0}:\n blk_queue_enter+0x40b/0x470\n blkg_conf_prep+0x7b/0x3c0\n tg_set_limit+0x10a/0x3e0\n cgroup_file_write+0xc6/0x420\n kernfs_fop_write_iter+0x189/0x280\n vfs_write+0x256/0x490\n ksys_write+0x83/0x190\n __x64_sys_write+0x21/0x30\n x64_sys_call+0x4608/0x4630\n do_syscall_64+0xdb/0x6b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n-\u003e #1 (\u0026q-\u003erq_qos_mutex){+.+.}-{4:4}:\n __mutex_lock+0xd8/0xf50\n mutex_lock_nested+0x2b/0x40\n wbt_init+0x17e/0x280\n wbt_enable_default+0xe9/0x140\n blk_register_queue+0x1da/0x2e0\n __add_disk+0x38c/0x5d0\n add_disk_fwnode+0x89/0x250\n device_add_disk+0x18/0x30\n virtblk_probe+0x13a3/0x1800\n virtio_dev_probe+0x389/0x610\n really_probe+0x136/0x620\n __driver_probe_device+0xb3/0x230\n driver_probe_device+0x2f/0xe0\n __driver_attach+0x158/0x250\n bus_for_each_dev+0xa9/0x130\n driver_attach+0x26/0x40\n bus_add_driver+0x178/0x3d0\n driver_register+0x7d/0x1c0\n __register_virtio_driver+0x2c/0x60\n virtio_blk_init+0x6f/0xe0\n do_one_initcall+0x94/0x540\n kernel_init_freeable+0x56a/0x7b0\n kernel_init+0x2b/0x270\n ret_from_fork+0x268/0x4c0\n ret_from_fork_asm+0x1a/0x30\n\n-\u003e #0 (\u0026q-\u003esysfs_lock){+.+.}-{4:4}:\n __lock_acquire+0x1835/0x2940\n lock_acquire+0xf9/0x450\n __mutex_lock+0xd8/0xf50\n mutex_lock_nested+0x2b/0x40\n blk_unregister_queue+0x53/0x180\n __del_gendisk+0x226/0x690\n del_gendisk+0xba/0x110\n sd_remove+0x49/0xb0 [sd_mod]\n device_remove+0x87/0xb0\n device_release_driver_internal+0x11e/0x230\n device_release_driver+0x1a/0x30\n bus_remove_device+0x14d/0x220\n device_del+0x1e1/0x5a0\n __scsi_remove_device+0x1ff/0x2f0\n scsi_remove_device+0x37/0x60\n sdev_store_delete+0x77/0x100\n dev_attr_store+0x1f/0x40\n sysfs_kf_write+0x65/0x90\n kernfs_fop_write_iter+0x189/0x280\n vfs_write+0x256/0x490\n ksys_write+0x83/0x190\n __x64_sys_write+0x21/0x30\n x64_sys_call+0x4608/0x4630\n do_syscall_64+0xdb/0x6b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nother info that might help us debug this:\n\nChain exists of:\n \u0026q-\u003esysfs_lock --\u003e \u0026q-\u003erq_qos_mutex --\u003e \u0026q-\u003eq_usage_counter(queue)#3\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026q-\u003eq_usage_counter(queue)#3);\n lock(\u0026q-\u003erq_qos_mutex);\n lock(\u0026q-\u003eq_usage_counter(queue)#3);\n lock(\u0026q-\u003esysfs_lock);\n\nRoot cause is that queue_usage_counter is grabbed with rq_qos_mutex\nheld in blkg_conf_prep(), while queue should be freezed before\nrq_qos_mutex from other context.\n\nThe blk_queue_enter() from blkg_conf_prep() is used to protect against\npolicy deactivation, which is already protected with blkcg_mutex, hence\nconvert blk_queue_enter() to blkcg_mutex to fix this problem. Meanwhile,\nconsider that blkcg_mutex is held after queue is freezed from policy\ndeactivation, also convert blkg_alloc() to use GFP_NOIO.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68178",
"url": "https://www.suse.com/security/cve/CVE-2025-68178"
},
{
"category": "external",
"summary": "SUSE Bug 1255266 for CVE-2025-68178",
"url": "https://bugzilla.suse.com/1255266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68178"
},
{
"cve": "CVE-2025-68188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()\n\nUse RCU to avoid a pair of atomic operations and a potential\nUAF on dst_dev()-\u003eflags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68188",
"url": "https://www.suse.com/security/cve/CVE-2025-68188"
},
{
"category": "external",
"summary": "SUSE Bug 1255269 for CVE-2025-68188",
"url": "https://bugzilla.suse.com/1255269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68188"
},
{
"cve": "CVE-2025-68200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add bpf_prog_run_data_pointers()\n\nsyzbot found that cls_bpf_classify() is able to change\ntc_skb_cb(skb)-\u003edrop_reason triggering a warning in sk_skb_reason_drop().\n\nWARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 __sk_skb_reason_drop net/core/skbuff.c:1189 [inline]\nWARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 sk_skb_reason_drop+0x76/0x170 net/core/skbuff.c:1214\n\nstruct tc_skb_cb has been added in commit ec624fe740b4 (\"net/sched:\nExtend qdisc control block with tc control block\"), which added a wrong\ninteraction with db58ba459202 (\"bpf: wire in data and data_end for\ncls_act_bpf\").\n\ndrop_reason was added later.\n\nAdd bpf_prog_run_data_pointers() helper to save/restore the net_sched\nstorage colliding with BPF data_meta/data_end.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68200",
"url": "https://www.suse.com/security/cve/CVE-2025-68200"
},
{
"category": "external",
"summary": "SUSE Bug 1255241 for CVE-2025-68200",
"url": "https://bugzilla.suse.com/1255241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68200"
},
{
"cve": "CVE-2025-68215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix PTP cleanup on driver removal in error path\n\nImprove the cleanup on releasing PTP resources in error path.\nThe error case might happen either at the driver probe and PTP\nfeature initialization or on PTP restart (errors in reset handling, NVM\nupdate etc). In both cases, calls to PF PTP cleanup (ice_ptp_cleanup_pf\nfunction) and \u0027ps_lock\u0027 mutex deinitialization were missed.\nAdditionally, ptp clock was not unregistered in the latter case.\n\nKeep PTP state as \u0027uninitialized\u0027 on init to distinguish between error\nscenarios and to avoid resource release duplication at driver removal.\n\nThe consequence of missing ice_ptp_cleanup_pf call is the following call\ntrace dumped when ice_adapter object is freed (port list is not empty,\nas it is required at this stage):\n\n[ T93022] ------------[ cut here ]------------\n[ T93022] WARNING: CPU: 10 PID: 93022 at\nice/ice_adapter.c:67 ice_adapter_put+0xef/0x100 [ice]\n...\n[ T93022] RIP: 0010:ice_adapter_put+0xef/0x100 [ice]\n...\n[ T93022] Call Trace:\n[ T93022] \u003cTASK\u003e\n[ T93022] ? ice_adapter_put+0xef/0x100 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n[ T93022] ? __warn.cold+0xb0/0x10e\n[ T93022] ? ice_adapter_put+0xef/0x100 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n[ T93022] ? report_bug+0xd8/0x150\n[ T93022] ? handle_bug+0xe9/0x110\n[ T93022] ? exc_invalid_op+0x17/0x70\n[ T93022] ? asm_exc_invalid_op+0x1a/0x20\n[ T93022] ? ice_adapter_put+0xef/0x100 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n[ T93022] pci_device_remove+0x42/0xb0\n[ T93022] device_release_driver_internal+0x19f/0x200\n[ T93022] driver_detach+0x48/0x90\n[ T93022] bus_remove_driver+0x70/0xf0\n[ T93022] pci_unregister_driver+0x42/0xb0\n[ T93022] ice_module_exit+0x10/0xdb0 [ice\n33d2647ad4f6d866d41eefff1806df37c68aef0c]\n...\n[ T93022] ---[ end trace 0000000000000000 ]---\n[ T93022] ice: module unloaded",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68215",
"url": "https://www.suse.com/security/cve/CVE-2025-68215"
},
{
"category": "external",
"summary": "SUSE Bug 1255226 for CVE-2025-68215",
"url": "https://bugzilla.suse.com/1255226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68215"
},
{
"cve": "CVE-2025-68227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: Fix proto fallback detection with BPF\n\nThe sockmap feature allows bpf syscall from userspace, or based\non bpf sockops, replacing the sk_prot of sockets during protocol stack\nprocessing with sockmap\u0027s custom read/write interfaces.\n\u0027\u0027\u0027\ntcp_rcv_state_process()\n syn_recv_sock()/subflow_syn_recv_sock()\n tcp_init_transfer(BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB)\n bpf_skops_established \u003c== sockops\n bpf_sock_map_update(sk) \u003c== call bpf helper\n tcp_bpf_update_proto() \u003c== update sk_prot\n\u0027\u0027\u0027\n\nWhen the server has MPTCP enabled but the client sends a TCP SYN\nwithout MPTCP, subflow_syn_recv_sock() performs a fallback on the\nsubflow, replacing the subflow sk\u0027s sk_prot with the native sk_prot.\n\u0027\u0027\u0027\nsubflow_syn_recv_sock()\n subflow_ulp_fallback()\n subflow_drop_ctx()\n mptcp_subflow_ops_undo_override()\n\u0027\u0027\u0027\n\nThen, this subflow can be normally used by sockmap, which replaces the\nnative sk_prot with sockmap\u0027s custom sk_prot. The issue occurs when the\nuser executes accept::mptcp_stream_accept::mptcp_fallback_tcp_ops().\nHere, it uses sk-\u003esk_prot to compare with the native sk_prot, but this\nis incorrect when sockmap is used, as we may incorrectly set\nsk-\u003esk_socket-\u003eops.\n\nThis fix uses the more generic sk_family for the comparison instead.\n\nAdditionally, this also prevents a WARNING from occurring:\n\nresult from ./scripts/decode_stacktrace.sh:\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 337 at net/mptcp/protocol.c:68 mptcp_stream_accept \\\n(net/mptcp/protocol.c:4005)\nModules linked in:\n...\n\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\ndo_accept (net/socket.c:1989)\n__sys_accept4 (net/socket.c:2028 net/socket.c:2057)\n__x64_sys_accept (net/socket.c:2067)\nx64_sys_call (arch/x86/entry/syscall_64.c:41)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f87ac92b83d\n\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68227",
"url": "https://www.suse.com/security/cve/CVE-2025-68227"
},
{
"category": "external",
"summary": "SUSE Bug 1255216 for CVE-2025-68227",
"url": "https://bugzilla.suse.com/1255216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68227"
},
{
"cve": "CVE-2025-68241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68241"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe\n\nThe sit driver\u0027s packet transmission path calls: sit_tunnel_xmit() -\u003e\nupdate_or_create_fnhe(), which lead to fnhe_remove_oldest() being called\nto delete entries exceeding FNHE_RECLAIM_DEPTH+random.\n\nThe race window is between fnhe_remove_oldest() selecting fnheX for\ndeletion and the subsequent kfree_rcu(). During this time, the\nconcurrent path\u0027s __mkroute_output() -\u003e find_exception() can fetch the\nsoon-to-be-deleted fnheX, and rt_bind_exception() then binds it with a\nnew dst using a dst_hold(). When the original fnheX is freed via RCU,\nthe dst reference remains permanently leaked.\n\nCPU 0 CPU 1\n__mkroute_output()\n find_exception() [fnheX]\n update_or_create_fnhe()\n fnhe_remove_oldest() [fnheX]\n rt_bind_exception() [bind dst]\n RCU callback [fnheX freed, dst leak]\n\nThis issue manifests as a device reference count leak and a warning in\ndmesg when unregistering the net device:\n\n unregister_netdevice: waiting for sitX to become free. Usage count = N\n\nIdo Schimmel provided the simple test validation method [1].\n\nThe fix clears \u0027oldest-\u003efnhe_daddr\u0027 before calling fnhe_flush_routes().\nSince rt_bind_exception() checks this field, setting it to zero prevents\nthe stale fnhe from being reused and bound to a new dst just before it\nis freed.\n\n[1]\nip netns add ns1\nip -n ns1 link set dev lo up\nip -n ns1 address add 192.0.2.1/32 dev lo\nip -n ns1 link add name dummy1 up type dummy\nip -n ns1 route add 192.0.2.2/32 dev dummy1\nip -n ns1 link add name gretap1 up arp off type gretap \\\n local 192.0.2.1 remote 192.0.2.2\nip -n ns1 route add 198.51.0.0/16 dev gretap1\ntaskset -c 0 ip netns exec ns1 mausezahn gretap1 \\\n -A 198.51.100.1 -B 198.51.0.0/16 -t udp -p 1000 -c 0 -q \u0026\ntaskset -c 2 ip netns exec ns1 mausezahn gretap1 \\\n -A 198.51.100.1 -B 198.51.0.0/16 -t udp -p 1000 -c 0 -q \u0026\nsleep 10\nip netns pids ns1 | xargs kill\nip netns del ns1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68241",
"url": "https://www.suse.com/security/cve/CVE-2025-68241"
},
{
"category": "external",
"summary": "SUSE Bug 1255157 for CVE-2025-68241",
"url": "https://bugzilla.suse.com/1255157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68241"
},
{
"cve": "CVE-2025-68245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: netpoll: fix incorrect refcount handling causing incorrect cleanup\n\ncommit efa95b01da18 (\"netpoll: fix use after free\") incorrectly\nignored the refcount and prematurely set dev-\u003enpinfo to NULL during\nnetpoll cleanup, leading to improper behavior and memory leaks.\n\nScenario causing lack of proper cleanup:\n\n1) A netpoll is associated with a NIC (e.g., eth0) and netdev-\u003enpinfo is\n allocated, and refcnt = 1\n - Keep in mind that npinfo is shared among all netpoll instances. In\n this case, there is just one.\n\n2) Another netpoll is also associated with the same NIC and\n npinfo-\u003erefcnt += 1.\n - Now dev-\u003enpinfo-\u003erefcnt = 2;\n - There is just one npinfo associated to the netdev.\n\n3) When the first netpolls goes to clean up:\n - The first cleanup succeeds and clears np-\u003edev-\u003enpinfo, ignoring\n refcnt.\n - It basically calls `RCU_INIT_POINTER(np-\u003edev-\u003enpinfo, NULL);`\n - Set dev-\u003enpinfo = NULL, without proper cleanup\n - No -\u003endo_netpoll_cleanup() is either called\n\n4) Now the second target tries to clean up\n - The second cleanup fails because np-\u003edev-\u003enpinfo is already NULL.\n * In this case, ops-\u003endo_netpoll_cleanup() was never called, and\n the skb pool is not cleaned as well (for the second netpoll\n instance)\n - This leaks npinfo and skbpool skbs, which is clearly reported by\n kmemleak.\n\nRevert commit efa95b01da18 (\"netpoll: fix use after free\") and adds\nclarifying comments emphasizing that npinfo cleanup should only happen\nonce the refcount reaches zero, ensuring stable and correct netpoll\nbehavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68245",
"url": "https://www.suse.com/security/cve/CVE-2025-68245"
},
{
"category": "external",
"summary": "SUSE Bug 1255268 for CVE-2025-68245",
"url": "https://bugzilla.suse.com/1255268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68245"
},
{
"cve": "CVE-2025-68254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing\n\nThe Extended Supported Rates (ESR) IE handling in OnBeacon accessed\n*(p + 1 + ielen) and *(p + 2 + ielen) without verifying that these\noffsets lie within the received frame buffer. A malformed beacon with\nan ESR IE positioned at the end of the buffer could cause an\nout-of-bounds read, potentially triggering a kernel panic.\n\nAdd a boundary check to ensure that the ESR IE body and the subsequent\nbytes are within the limits of the frame before attempting to access\nthem.\n\nThis prevents OOB reads caused by malformed beacon frames.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68254",
"url": "https://www.suse.com/security/cve/CVE-2025-68254"
},
{
"category": "external",
"summary": "SUSE Bug 1255140 for CVE-2025-68254",
"url": "https://bugzilla.suse.com/1255140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68254"
},
{
"cve": "CVE-2025-68256",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68256"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser\n\nThe Information Element (IE) parser rtw_get_ie() trusted the length\nbyte of each IE without validating that the IE body (len bytes after\nthe 2-byte header) fits inside the remaining frame buffer. A malformed\nframe can advertise an IE length larger than the available data, causing\nthe parser to increment its pointer beyond the buffer end. This results\nin out-of-bounds reads or, depending on the pattern, an infinite loop.\n\nFix by validating that (offset + 2 + len) does not exceed the limit\nbefore accepting the IE or advancing to the next element.\n\nThis prevents OOB reads and ensures the parser terminates safely on\nmalformed frames.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68256",
"url": "https://www.suse.com/security/cve/CVE-2025-68256"
},
{
"category": "external",
"summary": "SUSE Bug 1255138 for CVE-2025-68256",
"url": "https://bugzilla.suse.com/1255138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68256"
},
{
"cve": "CVE-2025-68261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add i_data_sem protection in ext4_destroy_inline_data_nolock()\n\nFix a race between inline data destruction and block mapping.\n\nThe function ext4_destroy_inline_data_nolock() changes the inode data\nlayout by clearing EXT4_INODE_INLINE_DATA and setting EXT4_INODE_EXTENTS.\nAt the same time, another thread may execute ext4_map_blocks(), which\ntests EXT4_INODE_EXTENTS to decide whether to call ext4_ext_map_blocks()\nor ext4_ind_map_blocks().\n\nWithout i_data_sem protection, ext4_ind_map_blocks() may receive inode\nwith EXT4_INODE_EXTENTS flag and triggering assert.\n\nkernel BUG at fs/ext4/indirect.c:546!\nEXT4-fs (loop2): unmounting filesystem.\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:ext4_ind_map_blocks.cold+0x2b/0x5a fs/ext4/indirect.c:546\n\nCall Trace:\n \u003cTASK\u003e\n ext4_map_blocks+0xb9b/0x16f0 fs/ext4/inode.c:681\n _ext4_get_block+0x242/0x590 fs/ext4/inode.c:822\n ext4_block_write_begin+0x48b/0x12c0 fs/ext4/inode.c:1124\n ext4_write_begin+0x598/0xef0 fs/ext4/inode.c:1255\n ext4_da_write_begin+0x21e/0x9c0 fs/ext4/inode.c:3000\n generic_perform_write+0x259/0x5d0 mm/filemap.c:3846\n ext4_buffered_write_iter+0x15b/0x470 fs/ext4/file.c:285\n ext4_file_write_iter+0x8e0/0x17f0 fs/ext4/file.c:679\n call_write_iter include/linux/fs.h:2271 [inline]\n do_iter_readv_writev+0x212/0x3c0 fs/read_write.c:735\n do_iter_write+0x186/0x710 fs/read_write.c:861\n vfs_iter_write+0x70/0xa0 fs/read_write.c:902\n iter_file_splice_write+0x73b/0xc90 fs/splice.c:685\n do_splice_from fs/splice.c:763 [inline]\n direct_splice_actor+0x10f/0x170 fs/splice.c:950\n splice_direct_to_actor+0x33a/0xa10 fs/splice.c:896\n do_splice_direct+0x1a9/0x280 fs/splice.c:1002\n do_sendfile+0xb13/0x12c0 fs/read_write.c:1255\n __do_sys_sendfile64 fs/read_write.c:1323 [inline]\n __se_sys_sendfile64 fs/read_write.c:1309 [inline]\n __x64_sys_sendfile64+0x1cf/0x210 fs/read_write.c:1309\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68261",
"url": "https://www.suse.com/security/cve/CVE-2025-68261"
},
{
"category": "external",
"summary": "SUSE Bug 1255164 for CVE-2025-68261",
"url": "https://bugzilla.suse.com/1255164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68261"
},
{
"cve": "CVE-2025-68284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds writes in handle_auth_session_key()\n\nThe len field originates from untrusted network packets. Boundary\nchecks have been added to prevent potential out-of-bounds writes when\ndecrypting the connection secret or processing service tickets.\n\n[ idryomov: changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68284",
"url": "https://www.suse.com/security/cve/CVE-2025-68284"
},
{
"category": "external",
"summary": "SUSE Bug 1255377 for CVE-2025-68284",
"url": "https://bugzilla.suse.com/1255377"
},
{
"category": "external",
"summary": "SUSE Bug 1255378 for CVE-2025-68284",
"url": "https://bugzilla.suse.com/1255378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-68284"
},
{
"cve": "CVE-2025-68285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68285"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: fix potential use-after-free in have_mon_and_osd_map()\n\nThe wait loop in __ceph_open_session() can race with the client\nreceiving a new monmap or osdmap shortly after the initial map is\nreceived. Both ceph_monc_handle_map() and handle_one_map() install\na new map immediately after freeing the old one\n\n kfree(monc-\u003emonmap);\n monc-\u003emonmap = monmap;\n\n ceph_osdmap_destroy(osdc-\u003eosdmap);\n osdc-\u003eosdmap = newmap;\n\nunder client-\u003emonc.mutex and client-\u003eosdc.lock respectively, but\nbecause neither is taken in have_mon_and_osd_map() it\u0027s possible for\nclient-\u003emonc.monmap-\u003eepoch and client-\u003eosdc.osdmap-\u003eepoch arms in\n\n client-\u003emonc.monmap \u0026\u0026 client-\u003emonc.monmap-\u003eepoch \u0026\u0026\n client-\u003eosdc.osdmap \u0026\u0026 client-\u003eosdc.osdmap-\u003eepoch;\n\ncondition to dereference an already freed map. This happens to be\nreproducible with generic/395 and generic/397 with KASAN enabled:\n\n BUG: KASAN: slab-use-after-free in have_mon_and_osd_map+0x56/0x70\n Read of size 4 at addr ffff88811012d810 by task mount.ceph/13305\n CPU: 2 UID: 0 PID: 13305 Comm: mount.ceph Not tainted 6.14.0-rc2-build2+ #1266\n ...\n Call Trace:\n \u003cTASK\u003e\n have_mon_and_osd_map+0x56/0x70\n ceph_open_session+0x182/0x290\n ceph_get_tree+0x333/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\n Allocated by task 13305:\n ceph_osdmap_alloc+0x16/0x130\n ceph_osdc_init+0x27a/0x4c0\n ceph_create_client+0x153/0x190\n create_fs_client+0x50/0x2a0\n ceph_get_tree+0xff/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Freed by task 9475:\n kfree+0x212/0x290\n handle_one_map+0x23c/0x3b0\n ceph_osdc_handle_map+0x3c9/0x590\n mon_dispatch+0x655/0x6f0\n ceph_con_process_message+0xc3/0xe0\n ceph_con_v1_try_read+0x614/0x760\n ceph_con_workfn+0x2de/0x650\n process_one_work+0x486/0x7c0\n process_scheduled_works+0x73/0x90\n worker_thread+0x1c8/0x2a0\n kthread+0x2ec/0x300\n ret_from_fork+0x24/0x40\n ret_from_fork_asm+0x1a/0x30\n\nRewrite the wait loop to check the above condition directly with\nclient-\u003emonc.mutex and client-\u003eosdc.lock taken as appropriate. While\nat it, improve the timeout handling (previously mount_timeout could be\nexceeded in case wait_event_interruptible_timeout() slept more than\nonce) and access client-\u003eauth_err under client-\u003emonc.mutex to match\nhow it\u0027s set in finish_auth().\n\nmonmap_show() and osdmap_show() now take the respective lock before\naccessing the map as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68285",
"url": "https://www.suse.com/security/cve/CVE-2025-68285"
},
{
"category": "external",
"summary": "SUSE Bug 1255401 for CVE-2025-68285",
"url": "https://bugzilla.suse.com/1255401"
},
{
"category": "external",
"summary": "SUSE Bug 1255402 for CVE-2025-68285",
"url": "https://bugzilla.suse.com/1255402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-68285"
},
{
"cve": "CVE-2025-68296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup\n\nProtect vga_switcheroo_client_fb_set() with console lock. Avoids OOB\naccess in fbcon_remap_all(). Without holding the console lock the call\nraces with switching outputs.\n\nVGA switcheroo calls fbcon_remap_all() when switching clients. The fbcon\nfunction uses struct fb_info.node, which is set by register_framebuffer().\nAs the fb-helper code currently sets up VGA switcheroo before registering\nthe framebuffer, the value of node is -1 and therefore not a legal value.\nFor example, fbcon uses the value within set_con2fb_map() [1] as an index\ninto an array.\n\nMoving vga_switcheroo_client_fb_set() after register_framebuffer() can\nresult in VGA switching that does not switch fbcon correctly.\n\nTherefore move vga_switcheroo_client_fb_set() under fbcon_fb_registered(),\nwhich already holds the console lock. Fbdev calls fbcon_fb_registered()\nfrom within register_framebuffer(). Serializes the helper with VGA\nswitcheroo\u0027s call to fbcon_remap_all().\n\nAlthough vga_switcheroo_client_fb_set() takes an instance of struct fb_info\nas parameter, it really only needs the contained fbcon state. Moving the\ncall to fbcon initialization is therefore cleaner than before. Only amdgpu,\ni915, nouveau and radeon support vga_switcheroo. For all other drivers,\nthis change does nothing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68296",
"url": "https://www.suse.com/security/cve/CVE-2025-68296"
},
{
"category": "external",
"summary": "SUSE Bug 1255128 for CVE-2025-68296",
"url": "https://bugzilla.suse.com/1255128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68296"
},
{
"cve": "CVE-2025-68297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix crash in process_v2_sparse_read() for encrypted directories\n\nThe crash in process_v2_sparse_read() for fscrypt-encrypted directories\nhas been reported. Issue takes place for Ceph msgr2 protocol in secure\nmode. It can be reproduced by the steps:\n\nsudo mount -t ceph :/ /mnt/cephfs/ -o name=admin,fs=cephfs,ms_mode=secure\n\n(1) mkdir /mnt/cephfs/fscrypt-test-3\n(2) cp area_decrypted.tar /mnt/cephfs/fscrypt-test-3\n(3) fscrypt encrypt --source=raw_key --key=./my.key /mnt/cephfs/fscrypt-test-3\n(4) fscrypt lock /mnt/cephfs/fscrypt-test-3\n(5) fscrypt unlock --key=my.key /mnt/cephfs/fscrypt-test-3\n(6) cat /mnt/cephfs/fscrypt-test-3/area_decrypted.tar\n(7) Issue has been triggered\n\n[ 408.072247] ------------[ cut here ]------------\n[ 408.072251] WARNING: CPU: 1 PID: 392 at net/ceph/messenger_v2.c:865\nceph_con_v2_try_read+0x4b39/0x72f0\n[ 408.072267] Modules linked in: intel_rapl_msr intel_rapl_common\nintel_uncore_frequency_common intel_pmc_core pmt_telemetry pmt_discovery\npmt_class intel_pmc_ssram_telemetry intel_vsec kvm_intel joydev kvm irqbypass\npolyval_clmulni ghash_clmulni_intel aesni_intel rapl input_leds psmouse\nserio_raw i2c_piix4 vga16fb bochs vgastate i2c_smbus floppy mac_hid qemu_fw_cfg\npata_acpi sch_fq_codel rbd msr parport_pc ppdev lp parport efi_pstore\n[ 408.072304] CPU: 1 UID: 0 PID: 392 Comm: kworker/1:3 Not tainted 6.17.0-rc7+\n[ 408.072307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.17.0-5.fc42 04/01/2014\n[ 408.072310] Workqueue: ceph-msgr ceph_con_workfn\n[ 408.072314] RIP: 0010:ceph_con_v2_try_read+0x4b39/0x72f0\n[ 408.072317] Code: c7 c1 20 f0 d4 ae 50 31 d2 48 c7 c6 60 27 d5 ae 48 c7 c7 f8\n8e 6f b0 68 60 38 d5 ae e8 00 47 61 fe 48 83 c4 18 e9 ac fc ff ff \u003c0f\u003e 0b e9 06\nfe ff ff 4c 8b 9d 98 fd ff ff 0f 84 64 e7 ff ff 89 85\n[ 408.072319] RSP: 0018:ffff88811c3e7a30 EFLAGS: 00010246\n[ 408.072322] RAX: ffffed1024874c6f RBX: ffffea00042c2b40 RCX: 0000000000000f38\n[ 408.072324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n[ 408.072325] RBP: ffff88811c3e7ca8 R08: 0000000000000000 R09: 00000000000000c8\n[ 408.072326] R10: 00000000000000c8 R11: 0000000000000000 R12: 00000000000000c8\n[ 408.072327] R13: dffffc0000000000 R14: ffff8881243a6030 R15: 0000000000003000\n[ 408.072329] FS: 0000000000000000(0000) GS:ffff88823eadf000(0000)\nknlGS:0000000000000000\n[ 408.072331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 408.072332] CR2: 000000c0003c6000 CR3: 000000010c106005 CR4: 0000000000772ef0\n[ 408.072336] PKRU: 55555554\n[ 408.072337] Call Trace:\n[ 408.072338] \u003cTASK\u003e\n[ 408.072340] ? sched_clock_noinstr+0x9/0x10\n[ 408.072344] ? __pfx_ceph_con_v2_try_read+0x10/0x10\n[ 408.072347] ? _raw_spin_unlock+0xe/0x40\n[ 408.072349] ? finish_task_switch.isra.0+0x15d/0x830\n[ 408.072353] ? __kasan_check_write+0x14/0x30\n[ 408.072357] ? mutex_lock+0x84/0xe0\n[ 408.072359] ? __pfx_mutex_lock+0x10/0x10\n[ 408.072361] ceph_con_workfn+0x27e/0x10e0\n[ 408.072364] ? metric_delayed_work+0x311/0x2c50\n[ 408.072367] process_one_work+0x611/0xe20\n[ 408.072371] ? __kasan_check_write+0x14/0x30\n[ 408.072373] worker_thread+0x7e3/0x1580\n[ 408.072375] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ 408.072378] ? __pfx_worker_thread+0x10/0x10\n[ 408.072381] kthread+0x381/0x7a0\n[ 408.072383] ? __pfx__raw_spin_lock_irq+0x10/0x10\n[ 408.072385] ? __pfx_kthread+0x10/0x10\n[ 408.072387] ? __kasan_check_write+0x14/0x30\n[ 408.072389] ? recalc_sigpending+0x160/0x220\n[ 408.072392] ? _raw_spin_unlock_irq+0xe/0x50\n[ 408.072394] ? calculate_sigpending+0x78/0xb0\n[ 408.072395] ? __pfx_kthread+0x10/0x10\n[ 408.072397] ret_from_fork+0x2b6/0x380\n[ 408.072400] ? __pfx_kthread+0x10/0x10\n[ 408.072402] ret_from_fork_asm+0x1a/0x30\n[ 408.072406] \u003c/TASK\u003e\n[ 408.072407] ---[ end trace 0000000000000000 ]---\n[ 408.072418] Oops: general protection fault, probably for non-canonical\naddress 0xdffffc00000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68297",
"url": "https://www.suse.com/security/cve/CVE-2025-68297"
},
{
"category": "external",
"summary": "SUSE Bug 1255403 for CVE-2025-68297",
"url": "https://bugzilla.suse.com/1255403"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68297"
},
{
"cve": "CVE-2025-68301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: fix fragment overflow handling in RX path\n\nThe atlantic driver can receive packets with more than MAX_SKB_FRAGS (17)\nfragments when handling large multi-descriptor packets. This causes an\nout-of-bounds write in skb_add_rx_frag_netmem() leading to kernel panic.\n\nThe issue occurs because the driver doesn\u0027t check the total number of\nfragments before calling skb_add_rx_frag(). When a packet requires more\nthan MAX_SKB_FRAGS fragments, the fragment index exceeds the array bounds.\n\nFix by assuming there will be an extra frag if buff-\u003elen \u003e AQ_CFG_RX_HDR_SIZE,\nthen all fragments are accounted for. And reusing the existing check to\nprevent the overflow earlier in the code path.\n\nThis crash occurred in production with an Aquantia AQC113 10G NIC.\n\nStack trace from production environment:\n```\nRIP: 0010:skb_add_rx_frag_netmem+0x29/0xd0\nCode: 90 f3 0f 1e fa 0f 1f 44 00 00 48 89 f8 41 89\nca 48 89 d7 48 63 ce 8b 90 c0 00 00 00 48 c1 e1 04 48 01 ca 48 03 90\nc8 00 00 00 \u003c48\u003e 89 7a 30 44 89 52 3c 44 89 42 38 40 f6 c7 01 75 74 48\n89 fa 83\nRSP: 0018:ffffa9bec02a8d50 EFLAGS: 00010287\nRAX: ffff925b22e80a00 RBX: ffff925ad38d2700 RCX:\nfffffffe0a0c8000\nRDX: ffff9258ea95bac0 RSI: ffff925ae0a0c800 RDI:\n0000000000037a40\nRBP: 0000000000000024 R08: 0000000000000000 R09:\n0000000000000021\nR10: 0000000000000848 R11: 0000000000000000 R12:\nffffa9bec02a8e24\nR13: ffff925ad8615570 R14: 0000000000000000 R15:\nffff925b22e80a00\nFS: 0000000000000000(0000)\nGS:ffff925e47880000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffff9258ea95baf0 CR3: 0000000166022004 CR4:\n0000000000f72ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\naq_ring_rx_clean+0x175/0xe60 [atlantic]\n? aq_ring_rx_clean+0x14d/0xe60 [atlantic]\n? aq_ring_tx_clean+0xdf/0x190 [atlantic]\n? kmem_cache_free+0x348/0x450\n? aq_vec_poll+0x81/0x1d0 [atlantic]\n? __napi_poll+0x28/0x1c0\n? net_rx_action+0x337/0x420\n```\n\nChanges in v4:\n- Add Fixes: tag to satisfy patch validation requirements.\n\nChanges in v3:\n- Fix by assuming there will be an extra frag if buff-\u003elen \u003e AQ_CFG_RX_HDR_SIZE,\n then all fragments are accounted for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68301",
"url": "https://www.suse.com/security/cve/CVE-2025-68301"
},
{
"category": "external",
"summary": "SUSE Bug 1255120 for CVE-2025-68301",
"url": "https://bugzilla.suse.com/1255120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68301"
},
{
"cve": "CVE-2025-68320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlan966x: Fix sleeping in atomic context\n\nThe following warning was seen when we try to connect using ssh to the device.\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:575\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 104, name: dropbear\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nCPU: 0 UID: 0 PID: 104 Comm: dropbear Tainted: G W 6.18.0-rc2-00399-g6f1ab1b109b9-dirty #530 NONE\nTainted: [W]=WARN\nHardware name: Generic DT based system\nCall trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x7c/0xac\n dump_stack_lvl from __might_resched+0x16c/0x2b0\n __might_resched from __mutex_lock+0x64/0xd34\n __mutex_lock from mutex_lock_nested+0x1c/0x24\n mutex_lock_nested from lan966x_stats_get+0x5c/0x558\n lan966x_stats_get from dev_get_stats+0x40/0x43c\n dev_get_stats from dev_seq_printf_stats+0x3c/0x184\n dev_seq_printf_stats from dev_seq_show+0x10/0x30\n dev_seq_show from seq_read_iter+0x350/0x4ec\n seq_read_iter from seq_read+0xfc/0x194\n seq_read from proc_reg_read+0xac/0x100\n proc_reg_read from vfs_read+0xb0/0x2b0\n vfs_read from ksys_read+0x6c/0xec\n ksys_read from ret_fast_syscall+0x0/0x1c\nException stack(0xf0b11fa8 to 0xf0b11ff0)\n1fa0: 00000001 00001000 00000008 be9048d8 00001000 00000001\n1fc0: 00000001 00001000 00000008 00000003 be905920 0000001e 00000000 00000001\n1fe0: 0005404c be9048c0 00018684 b6ec2cd8\n\nIt seems that we are using a mutex in a atomic context which is wrong.\nChange the mutex with a spinlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68320",
"url": "https://www.suse.com/security/cve/CVE-2025-68320"
},
{
"category": "external",
"summary": "SUSE Bug 1255172 for CVE-2025-68320",
"url": "https://bugzilla.suse.com/1255172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68320"
},
{
"cve": "CVE-2025-68325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_cake: Fix incorrect qlen reduction in cake_drop\n\nIn cake_drop(), qdisc_tree_reduce_backlog() is used to update the qlen\nand backlog of the qdisc hierarchy. Its caller, cake_enqueue(), assumes\nthat the parent qdisc will enqueue the current packet. However, this\nassumption breaks when cake_enqueue() returns NET_XMIT_CN: the parent\nqdisc stops enqueuing current packet, leaving the tree qlen/backlog\naccounting inconsistent. This mismatch can lead to a NULL dereference\n(e.g., when the parent Qdisc is qfq_qdisc).\n\nThis patch computes the qlen/backlog delta in a more robust way by\nobserving the difference before and after the series of cake_drop()\ncalls, and then compensates the qdisc tree accounting if cake_enqueue()\nreturns NET_XMIT_CN.\n\nTo ensure correct compensation when ACK thinning is enabled, a new\nvariable is introduced to keep qlen unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68325",
"url": "https://www.suse.com/security/cve/CVE-2025-68325"
},
{
"category": "external",
"summary": "SUSE Bug 1255417 for CVE-2025-68325",
"url": "https://bugzilla.suse.com/1255417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68325"
},
{
"cve": "CVE-2025-68327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68327"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Fix synchronous external abort on unbind\n\nA synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is\nexecuted after the configuration sequence described above:\n\nmodprobe usb_f_ecm\nmodprobe libcomposite\nmodprobe configfs\ncd /sys/kernel/config/usb_gadget\nmkdir -p g1\ncd g1\necho \"0x1d6b\" \u003e idVendor\necho \"0x0104\" \u003e idProduct\nmkdir -p strings/0x409\necho \"0123456789\" \u003e strings/0x409/serialnumber\necho \"Renesas.\" \u003e strings/0x409/manufacturer\necho \"Ethernet Gadget\" \u003e strings/0x409/product\nmkdir -p functions/ecm.usb0\nmkdir -p configs/c.1\nmkdir -p configs/c.1/strings/0x409\necho \"ECM\" \u003e configs/c.1/strings/0x409/configuration\n\nif [ ! -L configs/c.1/ecm.usb0 ]; then\n ln -s functions/ecm.usb0 configs/c.1\nfi\n\necho 11e20000.usb \u003e UDC\necho 11e20000.usb \u003e /sys/bus/platform/drivers/renesas_usbhs/unbind\n\nThe displayed trace is as follows:\n\n Internal error: synchronous external abort: 0000000096000010 [#1] SMP\n CPU: 0 UID: 0 PID: 188 Comm: sh Tainted: G M 6.17.0-rc7-next-20250922-00010-g41050493b2bd #55 PREEMPT\n Tainted: [M]=MACHINE_CHECK\n Hardware name: Renesas SMARC EVK version 2 based on r9a08g045s33 (DT)\n pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs]\n lr : usbhsg_update_pullup+0x3c/0x68 [renesas_usbhs]\n sp : ffff8000838b3920\n x29: ffff8000838b3920 x28: ffff00000d585780 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: ffff00000c3e3810\n x23: ffff00000d5e5c80 x22: ffff00000d5e5d40 x21: 0000000000000000\n x20: 0000000000000000 x19: ffff00000d5e5c80 x18: 0000000000000020\n x17: 2e30303230316531 x16: 312d7968703a7968 x15: 3d454d414e5f4344\n x14: 000000000000002c x13: 0000000000000000 x12: 0000000000000000\n x11: ffff00000f358f38 x10: ffff00000f358db0 x9 : ffff00000b41f418\n x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\n x5 : 8080808000000000 x4 : 000000004b5ccb9d x3 : 0000000000000000\n x2 : 0000000000000000 x1 : ffff800083790000 x0 : ffff00000d5e5c80\n Call trace:\n usbhs_sys_function_pullup+0x10/0x40 [renesas_usbhs] (P)\n usbhsg_pullup+0x4c/0x7c [renesas_usbhs]\n usb_gadget_disconnect_locked+0x48/0xd4\n gadget_unbind_driver+0x44/0x114\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1c8/0x224\n device_release_driver+0x18/0x24\n bus_remove_device+0xcc/0x10c\n device_del+0x14c/0x404\n usb_del_gadget+0x88/0xc0\n usb_del_gadget_udc+0x18/0x30\n usbhs_mod_gadget_remove+0x24/0x44 [renesas_usbhs]\n usbhs_mod_remove+0x20/0x30 [renesas_usbhs]\n usbhs_remove+0x98/0xdc [renesas_usbhs]\n platform_remove+0x20/0x30\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1c8/0x224\n device_driver_detach+0x18/0x24\n unbind_store+0xb4/0xb8\n drv_attr_store+0x24/0x38\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x128/0x1b8\n vfs_write+0x2ac/0x350\n ksys_write+0x68/0xfc\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xf0\n el0t_64_sync_handler+0xa0/0xe4\n el0t_64_sync+0x198/0x19c\n Code: 7100003f 1a9f07e1 531c6c22 f9400001 (79400021)\n ---[ end trace 0000000000000000 ]---\n note: sh[188] exited with irqs disabled\n note: sh[188] exited with preempt_count 1\n\nThe issue occurs because usbhs_sys_function_pullup(), which accesses the IP\nregisters, is executed after the USBHS clocks have been disabled. The\nproblem is reproducible on the Renesas RZ/G3S SoC starting with the\naddition of module stop in the clock enable/disable APIs. With module stop\nfunctionality enabled, a bus error is expected if a master accesses a\nmodule whose clock has been stopped and module stop activated.\n\nDisable the IP clocks at the end of remove.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68327",
"url": "https://www.suse.com/security/cve/CVE-2025-68327"
},
{
"category": "external",
"summary": "SUSE Bug 1255488 for CVE-2025-68327",
"url": "https://bugzilla.suse.com/1255488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68327"
},
{
"cve": "CVE-2025-68337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68337"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted\n\nThere\u0027s issue when file system corrupted:\n------------[ cut here ]------------\nkernel BUG at fs/jbd2/transaction.c:1289!\nOops: invalid opcode: 0000 [#1] SMP KASAN PTI\nCPU: 5 UID: 0 PID: 2031 Comm: mkdir Not tainted 6.18.0-rc1-next\nRIP: 0010:jbd2_journal_get_create_access+0x3b6/0x4d0\nRSP: 0018:ffff888117aafa30 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: ffff88811a86b000 RCX: ffffffff89a63534\nRDX: 1ffff110200ec602 RSI: 0000000000000004 RDI: ffff888100763010\nRBP: ffff888100763000 R08: 0000000000000001 R09: ffff888100763028\nR10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff88812c432000 R14: ffff88812c608000 R15: ffff888120bfc000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f91d6970c99 CR3: 00000001159c4000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __ext4_journal_get_create_access+0x42/0x170\n ext4_getblk+0x319/0x6f0\n ext4_bread+0x11/0x100\n ext4_append+0x1e6/0x4a0\n ext4_init_new_dir+0x145/0x1d0\n ext4_mkdir+0x326/0x920\n vfs_mkdir+0x45c/0x740\n do_mkdirat+0x234/0x2f0\n __x64_sys_mkdir+0xd6/0x120\n do_syscall_64+0x5f/0xfa0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe above issue occurs with us in errors=continue mode when accompanied by\nstorage failures. There have been many inconsistencies in the file system\ndata.\nIn the case of file system data inconsistency, for example, if the block\nbitmap of a referenced block is not set, it can lead to the situation where\na block being committed is allocated and used again. As a result, the\nfollowing condition will not be satisfied then trigger BUG_ON. Of course,\nit is entirely possible to construct a problematic image that can trigger\nthis BUG_ON through specific operations. In fact, I have constructed such\nan image and easily reproduced this issue.\nTherefore, J_ASSERT() holds true only under ideal conditions, but it may\nnot necessarily be satisfied in exceptional scenarios. Using J_ASSERT()\ndirectly in abnormal situations would cause the system to crash, which is\nclearly not what we want. So here we directly trigger a JBD abort instead\nof immediately invoking BUG_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68337",
"url": "https://www.suse.com/security/cve/CVE-2025-68337"
},
{
"category": "external",
"summary": "SUSE Bug 1255482 for CVE-2025-68337",
"url": "https://bugzilla.suse.com/1255482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68337"
},
{
"cve": "CVE-2025-68349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68349"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid\n\nFixes a crash when layout is null during this call stack:\n\nwrite_inode\n -\u003e nfs4_write_inode\n -\u003e pnfs_layoutcommit_inode\n\npnfs_set_layoutcommit relies on the lseg refcount to keep the layout\naround. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt\nto reference a null layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68349",
"url": "https://www.suse.com/security/cve/CVE-2025-68349"
},
{
"category": "external",
"summary": "SUSE Bug 1255544 for CVE-2025-68349",
"url": "https://bugzilla.suse.com/1255544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68349"
},
{
"cve": "CVE-2025-68363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68363"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check skb-\u003etransport_header is set in bpf_skb_check_mtu\n\nThe bpf_skb_check_mtu helper needs to use skb-\u003etransport_header when\nthe BPF_MTU_CHK_SEGS flag is used:\n\n\tbpf_skb_check_mtu(skb, ifindex, \u0026mtu_len, 0, BPF_MTU_CHK_SEGS)\n\nThe transport_header is not always set. There is a WARN_ON_ONCE\nreport when CONFIG_DEBUG_NET is enabled + skb-\u003egso_size is set +\nbpf_prog_test_run is used:\n\nWARNING: CPU: 1 PID: 2216 at ./include/linux/skbuff.h:3071\n skb_gso_validate_network_len\n bpf_skb_check_mtu\n bpf_prog_3920e25740a41171_tc_chk_segs_flag # A test in the next patch\n bpf_test_run\n bpf_prog_test_run_skb\n\nFor a normal ingress skb (not test_run), skb_reset_transport_header\nis performed but there is plan to avoid setting it as described in\ncommit 2170a1f09148 (\"net: no longer reset transport_header in __netif_receive_skb_core()\").\n\nThis patch fixes the bpf helper by checking\nskb_transport_header_was_set(). The check is done just before\nskb-\u003etransport_header is used, to avoid breaking the existing bpf prog.\nThe WARN_ON_ONCE is limited to bpf_prog_test_run, so targeting bpf-next.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68363",
"url": "https://www.suse.com/security/cve/CVE-2025-68363"
},
{
"category": "external",
"summary": "SUSE Bug 1255552 for CVE-2025-68363",
"url": "https://bugzilla.suse.com/1255552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68363"
},
{
"cve": "CVE-2025-68365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68365"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Initialize allocated memory before use\n\nKMSAN reports: Multiple uninitialized values detected:\n\n- KMSAN: uninit-value in ntfs_read_hdr (3)\n- KMSAN: uninit-value in bcmp (3)\n\nMemory is allocated by __getname(), which is a wrapper for\nkmem_cache_alloc(). This memory is used before being properly\ncleared. Change kmem_cache_alloc() to kmem_cache_zalloc() to\nproperly allocate and clear memory before use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68365",
"url": "https://www.suse.com/security/cve/CVE-2025-68365"
},
{
"category": "external",
"summary": "SUSE Bug 1255548 for CVE-2025-68365",
"url": "https://bugzilla.suse.com/1255548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68365"
},
{
"cve": "CVE-2025-68366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68366"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: defer config unlock in nbd_genl_connect\n\nThere is one use-after-free warning when running NBD_CMD_CONNECT and\nNBD_CLEAR_SOCK:\n\nnbd_genl_connect\n nbd_alloc_and_init_config // config_refs=1\n nbd_start_device // config_refs=2\n set NBD_RT_HAS_CONFIG_REF\t\t\topen nbd // config_refs=3\n recv_work done // config_refs=2\n\t\t\t\t\t\tNBD_CLEAR_SOCK // config_refs=1\n\t\t\t\t\t\tclose nbd // config_refs=0\n refcount_inc -\u003e uaf\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 24 PID: 1014 at lib/refcount.c:25 refcount_warn_saturate+0x12e/0x290\n nbd_genl_connect+0x16d0/0x1ab0\n genl_family_rcv_msg_doit+0x1f3/0x310\n genl_rcv_msg+0x44a/0x790\n\nThe issue can be easily reproduced by adding a small delay before\nrefcount_inc(\u0026nbd-\u003econfig_refs) in nbd_genl_connect():\n\n mutex_unlock(\u0026nbd-\u003econfig_lock);\n if (!ret) {\n set_bit(NBD_RT_HAS_CONFIG_REF, \u0026config-\u003eruntime_flags);\n+ printk(\"before sleep\\n\");\n+ mdelay(5 * 1000);\n+ printk(\"after sleep\\n\");\n refcount_inc(\u0026nbd-\u003econfig_refs);\n nbd_connect_reply(info, nbd-\u003eindex);\n }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68366",
"url": "https://www.suse.com/security/cve/CVE-2025-68366"
},
{
"category": "external",
"summary": "SUSE Bug 1255622 for CVE-2025-68366",
"url": "https://bugzilla.suse.com/1255622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68366"
},
{
"cve": "CVE-2025-68367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68367"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse\n\nThe following warning appears when running syzkaller, and this issue also\nexists in the mainline code.\n\n ------------[ cut here ]------------\n list_add double add: new=ffffffffa57eee28, prev=ffffffffa57eee28, next=ffffffffa5e63100.\n WARNING: CPU: 0 PID: 1491 at lib/list_debug.c:35 __list_add_valid_or_report+0xf7/0x130\n Modules linked in:\n CPU: 0 PID: 1491 Comm: syz.1.28 Not tainted 6.6.0+ #3\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__list_add_valid_or_report+0xf7/0x130\n RSP: 0018:ff1100010dfb7b78 EFLAGS: 00010282\n RAX: 0000000000000000 RBX: ffffffffa57eee18 RCX: ffffffff97fc9817\n RDX: 0000000000040000 RSI: ffa0000002383000 RDI: 0000000000000001\n RBP: ffffffffa57eee28 R08: 0000000000000001 R09: ffe21c0021bf6f2c\n R10: 0000000000000001 R11: 6464615f7473696c R12: ffffffffa5e63100\n R13: ffffffffa57eee28 R14: ffffffffa57eee28 R15: ff1100010dfb7d48\n FS: 00007fb14398b640(0000) GS:ff11000119600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000010d096005 CR4: 0000000000773ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 80000000\n Call Trace:\n \u003cTASK\u003e\n input_register_handler+0xb3/0x210\n mac_hid_start_emulation+0x1c5/0x290\n mac_hid_toggle_emumouse+0x20a/0x240\n proc_sys_call_handler+0x4c2/0x6e0\n new_sync_write+0x1b1/0x2d0\n vfs_write+0x709/0x950\n ksys_write+0x12a/0x250\n do_syscall_64+0x5a/0x110\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe WARNING occurs when two processes concurrently write to the mac-hid\nemulation sysctl, causing a race condition in mac_hid_toggle_emumouse().\nBoth processes read old_val=0, then both try to register the input handler,\nleading to a double list_add of the same handler.\n\n CPU0 CPU1\n ------------------------- -------------------------\n vfs_write() //write 1 vfs_write() //write 1\n proc_sys_write() proc_sys_write()\n mac_hid_toggle_emumouse() mac_hid_toggle_emumouse()\n old_val = *valp // old_val=0\n old_val = *valp // old_val=0\n mutex_lock_killable()\n proc_dointvec() // *valp=1\n mac_hid_start_emulation()\n input_register_handler()\n mutex_unlock()\n mutex_lock_killable()\n proc_dointvec()\n mac_hid_start_emulation()\n input_register_handler() //Trigger Warning\n mutex_unlock()\n\nFix this by moving the old_val read inside the mutex lock region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68367",
"url": "https://www.suse.com/security/cve/CVE-2025-68367"
},
{
"category": "external",
"summary": "SUSE Bug 1255547 for CVE-2025-68367",
"url": "https://bugzilla.suse.com/1255547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68367"
},
{
"cve": "CVE-2025-68372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68372"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: defer config put in recv_work\n\nThere is one uaf issue in recv_work when running NBD_CLEAR_SOCK and\nNBD_CMD_RECONFIGURE:\n nbd_genl_connect // conf_ref=2 (connect and recv_work A)\n nbd_open\t // conf_ref=3\n recv_work A done // conf_ref=2\n NBD_CLEAR_SOCK // conf_ref=1\n nbd_genl_reconfigure // conf_ref=2 (trigger recv_work B)\n close nbd\t // conf_ref=1\n recv_work B\n config_put // conf_ref=0\n atomic_dec(\u0026config-\u003erecv_threads); -\u003e UAF\n\nOr only running NBD_CLEAR_SOCK:\n nbd_genl_connect // conf_ref=2\n nbd_open \t // conf_ref=3\n NBD_CLEAR_SOCK // conf_ref=2\n close nbd\n nbd_release\n config_put // conf_ref=1\n recv_work\n config_put \t // conf_ref=0\n atomic_dec(\u0026config-\u003erecv_threads); -\u003e UAF\n\nCommit 87aac3a80af5 (\"nbd: call nbd_config_put() before notifying the\nwaiter\") moved nbd_config_put() to run before waking up the waiter in\nrecv_work, in order to ensure that nbd_start_device_ioctl() would not\nbe woken up while nbd-\u003etask_recv was still uncleared.\n\nHowever, in nbd_start_device_ioctl(), after being woken up it explicitly\ncalls flush_workqueue() to make sure all current works are finished.\nTherefore, there is no need to move the config put ahead of the wakeup.\n\nMove nbd_config_put() to the end of recv_work, so that the reference is\nheld for the whole lifetime of the worker thread. This makes sure the\nconfig cannot be freed while recv_work is still running, even if clear\n+ reconfigure interleave.\n\nIn addition, we don\u0027t need to worry about recv_work dropping the last\nnbd_put (which causes deadlock):\n\npath A (netlink with NBD_CFLAG_DESTROY_ON_DISCONNECT):\n connect // nbd_refs=1 (trigger recv_work)\n open nbd // nbd_refs=2\n NBD_CLEAR_SOCK\n close nbd\n nbd_release\n nbd_disconnect_and_put\n flush_workqueue // recv_work done\n nbd_config_put\n nbd_put // nbd_refs=1\n nbd_put // nbd_refs=0\n queue_work\n\npath B (netlink without NBD_CFLAG_DESTROY_ON_DISCONNECT):\n connect // nbd_refs=2 (trigger recv_work)\n open nbd // nbd_refs=3\n NBD_CLEAR_SOCK // conf_refs=2\n close nbd\n nbd_release\n nbd_config_put // conf_refs=1\n nbd_put // nbd_refs=2\n recv_work done // conf_refs=0, nbd_refs=1\n rmmod // nbd_refs=0\n\nDepends-on: e2daec488c57 (\"nbd: Fix hungtask when nbd_config_put\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68372",
"url": "https://www.suse.com/security/cve/CVE-2025-68372"
},
{
"category": "external",
"summary": "SUSE Bug 1255537 for CVE-2025-68372",
"url": "https://bugzilla.suse.com/1255537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68372"
},
{
"cve": "CVE-2025-68379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix null deref on srq-\u003erq.queue after resize failure\n\nA NULL pointer dereference can occur in rxe_srq_chk_attr() when\nibv_modify_srq() is invoked twice in succession under certain error\nconditions. The first call may fail in rxe_queue_resize(), which leads\nrxe_srq_from_attr() to set srq-\u003erq.queue = NULL. The second call then\ntriggers a crash (null deref) when accessing\nsrq-\u003erq.queue-\u003ebuf-\u003eindex_mask.\n\nCall Trace:\n\u003cTASK\u003e\nrxe_modify_srq+0x170/0x480 [rdma_rxe]\n? __pfx_rxe_modify_srq+0x10/0x10 [rdma_rxe]\n? uverbs_try_lock_object+0x4f/0xa0 [ib_uverbs]\n? rdma_lookup_get_uobject+0x1f0/0x380 [ib_uverbs]\nib_uverbs_modify_srq+0x204/0x290 [ib_uverbs]\n? __pfx_ib_uverbs_modify_srq+0x10/0x10 [ib_uverbs]\n? tryinc_node_nr_active+0xe6/0x150\n? uverbs_fill_udata+0xed/0x4f0 [ib_uverbs]\nib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x2c0/0x470 [ib_uverbs]\n? __pfx_ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x10/0x10 [ib_uverbs]\n? uverbs_fill_udata+0xed/0x4f0 [ib_uverbs]\nib_uverbs_run_method+0x55a/0x6e0 [ib_uverbs]\n? __pfx_ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x10/0x10 [ib_uverbs]\nib_uverbs_cmd_verbs+0x54d/0x800 [ib_uverbs]\n? __pfx_ib_uverbs_cmd_verbs+0x10/0x10 [ib_uverbs]\n? __pfx___raw_spin_lock_irqsave+0x10/0x10\n? __pfx_do_vfs_ioctl+0x10/0x10\n? ioctl_has_perm.constprop.0.isra.0+0x2c7/0x4c0\n? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10\nib_uverbs_ioctl+0x13e/0x220 [ib_uverbs]\n? __pfx_ib_uverbs_ioctl+0x10/0x10 [ib_uverbs]\n__x64_sys_ioctl+0x138/0x1c0\ndo_syscall_64+0x82/0x250\n? fdget_pos+0x58/0x4c0\n? ksys_write+0xf3/0x1c0\n? __pfx_ksys_write+0x10/0x10\n? do_syscall_64+0xc8/0x250\n? __pfx_vm_mmap_pgoff+0x10/0x10\n? fget+0x173/0x230\n? fput+0x2a/0x80\n? ksys_mmap_pgoff+0x224/0x4c0\n? do_syscall_64+0xc8/0x250\n? do_user_addr_fault+0x37b/0xfe0\n? clear_bhb_loop+0x50/0xa0\n? clear_bhb_loop+0x50/0xa0\n? clear_bhb_loop+0x50/0xa0\nentry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68379",
"url": "https://www.suse.com/security/cve/CVE-2025-68379"
},
{
"category": "external",
"summary": "SUSE Bug 1255695 for CVE-2025-68379",
"url": "https://bugzilla.suse.com/1255695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68379"
},
{
"cve": "CVE-2025-68725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Do not let BPF test infra emit invalid GSO types to stack\n\nYinhao et al. reported that their fuzzer tool was able to trigger a\nskb_warn_bad_offload() from netif_skb_features() -\u003e gso_features_check().\nWhen a BPF program - triggered via BPF test infra - pushes the packet\nto the loopback device via bpf_clone_redirect() then mentioned offload\nwarning can be seen. GSO-related features are then rightfully disabled.\n\nWe get into this situation due to convert___skb_to_skb() setting\ngso_segs and gso_size but not gso_type. Technically, it makes sense\nthat this warning triggers since the GSO properties are malformed due\nto the gso_type. Potentially, the gso_type could be marked non-trustworthy\nthrough setting it at least to SKB_GSO_DODGY without any other specific\nassumptions, but that also feels wrong given we should not go further\ninto the GSO engine in the first place.\n\nThe checks were added in 121d57af308d (\"gso: validate gso_type in GSO\nhandlers\") because there were malicious (syzbot) senders that combine\na protocol with a non-matching gso_type. If we would want to drop such\npackets, gso_features_check() currently only returns feature flags via\nnetif_skb_features(), so one location for potentially dropping such skbs\ncould be validate_xmit_unreadable_skb(), but then otoh it would be\nan additional check in the fast-path for a very corner case. Given\nbpf_clone_redirect() is the only place where BPF test infra could emit\nsuch packets, lets reject them right there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68725",
"url": "https://www.suse.com/security/cve/CVE-2025-68725"
},
{
"category": "external",
"summary": "SUSE Bug 1255569 for CVE-2025-68725",
"url": "https://bugzilla.suse.com/1255569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68725"
},
{
"cve": "CVE-2025-68727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: Fix uninit buffer allocated by __getname()\n\nFix uninit errors caused after buffer allocation given to \u0027de\u0027; by\ninitializing the buffer with zeroes. The fix was found by using KMSAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68727",
"url": "https://www.suse.com/security/cve/CVE-2025-68727"
},
{
"category": "external",
"summary": "SUSE Bug 1255568 for CVE-2025-68727",
"url": "https://bugzilla.suse.com/1255568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68727"
},
{
"cve": "CVE-2025-68728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: fix uninit memory after failed mi_read in mi_format_new\n\nFix a KMSAN un-init bug found by syzkaller.\n\nntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be\nuptodate. We do not bring the buffer uptodate before setting it as\nuptodate. If the buffer were to not be uptodate, it could mean adding a\nbuffer with un-init data to the mi record. Attempting to load that record\nwill trigger KMSAN.\n\nAvoid this by setting the buffer as uptodate, if it\u0027s not already, by\noverwriting it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68728",
"url": "https://www.suse.com/security/cve/CVE-2025-68728"
},
{
"category": "external",
"summary": "SUSE Bug 1255539 for CVE-2025-68728",
"url": "https://bugzilla.suse.com/1255539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68728"
},
{
"cve": "CVE-2025-68733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmack: fix bug: unprivileged task can create labels\n\nIf an unprivileged task is allowed to relabel itself\n(/smack/relabel-self is not empty),\nit can freely create new labels by writing their\nnames into own /proc/PID/attr/smack/current\n\nThis occurs because do_setattr() imports\nthe provided label in advance,\nbefore checking \"relabel-self\" list.\n\nThis change ensures that the \"relabel-self\" list\nis checked before importing the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68733",
"url": "https://www.suse.com/security/cve/CVE-2025-68733"
},
{
"category": "external",
"summary": "SUSE Bug 1255615 for CVE-2025-68733",
"url": "https://bugzilla.suse.com/1255615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68733"
},
{
"cve": "CVE-2025-68764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags\n\nWhen a filesystem is being automounted, it needs to preserve the\nuser-set superblock mount options, such as the \"ro\" flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68764",
"url": "https://www.suse.com/security/cve/CVE-2025-68764"
},
{
"category": "external",
"summary": "SUSE Bug 1255930 for CVE-2025-68764",
"url": "https://bugzilla.suse.com/1255930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68764"
},
{
"cve": "CVE-2025-68768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: frags: flush pending skbs in fqdir_pre_exit()\n\nWe have been seeing occasional deadlocks on pernet_ops_rwsem since\nSeptember in NIPA. The stuck task was usually modprobe (often loading\na driver like ipvlan), trying to take the lock as a Writer.\nlockdep does not track readers for rwsems so the read wasn\u0027t obvious\nfrom the reports.\n\nOn closer inspection the Reader holding the lock was conntrack looping\nforever in nf_conntrack_cleanup_net_list(). Based on past experience\nwith occasional NIPA crashes I looked thru the tests which run before\nthe crash and noticed that the crash follows ip_defrag.sh. An immediate\nred flag. Scouring thru (de)fragmentation queues reveals skbs sitting\naround, holding conntrack references.\n\nThe problem is that since conntrack depends on nf_defrag_ipv6,\nnf_defrag_ipv6 will load first. Since nf_defrag_ipv6 loads first its\nnetns exit hooks run _after_ conntrack\u0027s netns exit hook.\n\nFlush all fragment queue SKBs during fqdir_pre_exit() to release\nconntrack references before conntrack cleanup runs. Also flush\nthe queues in timer expiry handlers when they discover fqdir-\u003edead\nis set, in case packet sneaks in while we\u0027re running the pre_exit\nflush.\n\nThe commit under Fixes is not exactly the culprit, but I think\npreviously the timer firing would eventually unblock the spinning\nconntrack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68768",
"url": "https://www.suse.com/security/cve/CVE-2025-68768"
},
{
"category": "external",
"summary": "SUSE Bug 1256579 for CVE-2025-68768",
"url": "https://bugzilla.suse.com/1256579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68768"
},
{
"cve": "CVE-2025-68770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix XDP_TX path\n\nFor XDP_TX action in bnxt_rx_xdp(), clearing of the event flags is not\ncorrect. __bnxt_poll_work() -\u003e bnxt_rx_pkt() -\u003e bnxt_rx_xdp() may be\nlooping within NAPI and some event flags may be set in earlier\niterations. In particular, if BNXT_TX_EVENT is set earlier indicating\nsome XDP_TX packets are ready and pending, it will be cleared if it is\nXDP_TX action again. Normally, we will set BNXT_TX_EVENT again when we\nsuccessfully call __bnxt_xmit_xdp(). But if the TX ring has no more\nroom, the flag will not be set. This will cause the TX producer to be\nahead but the driver will not hit the TX doorbell.\n\nFor multi-buf XDP_TX, there is no need to clear the event flags and set\nBNXT_AGG_EVENT. The BNXT_AGG_EVENT flag should have been set earlier in\nbnxt_rx_pkt().\n\nThe visible symptom of this is that the RX ring associated with the\nTX XDP ring will eventually become empty and all packets will be dropped.\nBecause this condition will cause the driver to not refill the RX ring\nseeing that the TX ring has forever pending XDP_TX packets.\n\nThe fix is to only clear BNXT_RX_EVENT when we have successfully\ncalled __bnxt_xmit_xdp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68770",
"url": "https://www.suse.com/security/cve/CVE-2025-68770"
},
{
"category": "external",
"summary": "SUSE Bug 1256584 for CVE-2025-68770",
"url": "https://bugzilla.suse.com/1256584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68770"
},
{
"cve": "CVE-2025-68771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix kernel BUG in ocfs2_find_victim_chain\n\nsyzbot reported a kernel BUG in ocfs2_find_victim_chain() because the\n`cl_next_free_rec` field of the allocation chain list (next free slot in\nthe chain list) is 0, triggring the BUG_ON(!cl-\u003ecl_next_free_rec)\ncondition in ocfs2_find_victim_chain() and panicking the kernel.\n\nTo fix this, an if condition is introduced in ocfs2_claim_suballoc_bits(),\njust before calling ocfs2_find_victim_chain(), the code block in it being\nexecuted when either of the following conditions is true:\n\n1. `cl_next_free_rec` is equal to 0, indicating that there are no free\nchains in the allocation chain list\n2. `cl_next_free_rec` is greater than `cl_count` (the total number of\nchains in the allocation chain list)\n\nEither of them being true is indicative of the fact that there are no\nchains left for usage.\n\nThis is addressed using ocfs2_error(), which prints\nthe error log for debugging purposes, rather than panicking the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68771",
"url": "https://www.suse.com/security/cve/CVE-2025-68771"
},
{
"category": "external",
"summary": "SUSE Bug 1256582 for CVE-2025-68771",
"url": "https://bugzilla.suse.com/1256582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68771"
},
{
"cve": "CVE-2025-68773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-cpm: Check length parity before switching to 16 bit mode\n\nCommit fc96ec826bce (\"spi: fsl-cpm: Use 16 bit mode for large transfers\nwith even size\") failed to make sure that the size is really even\nbefore switching to 16 bit mode. Until recently the problem went\nunnoticed because kernfs uses a pre-allocated bounce buffer of size\nPAGE_SIZE for reading EEPROM.\n\nBut commit 8ad6249c51d0 (\"eeprom: at25: convert to spi-mem API\")\nintroduced an additional dynamically allocated bounce buffer whose size\nis exactly the size of the transfer, leading to a buffer overrun in\nthe fsl-cpm driver when that size is odd.\n\nAdd the missing length parity verification and remain in 8 bit mode\nwhen the length is not even.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68773",
"url": "https://www.suse.com/security/cve/CVE-2025-68773"
},
{
"category": "external",
"summary": "SUSE Bug 1256586 for CVE-2025-68773",
"url": "https://bugzilla.suse.com/1256586"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68773"
},
{
"cve": "CVE-2025-68775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: duplicate handshake cancellations leak socket\n\nWhen a handshake request is cancelled it is removed from the\nhandshake_net-\u003ehn_requests list, but it is still present in the\nhandshake_rhashtbl until it is destroyed.\n\nIf a second cancellation request arrives for the same handshake request,\nthen remove_pending() will return false... and assuming\nHANDSHAKE_F_REQ_COMPLETED isn\u0027t set in req-\u003ehr_flags, we\u0027ll continue\nprocessing through the out_true label, where we put another reference on\nthe sock and a refcount underflow occurs.\n\nThis can happen for example if a handshake times out - particularly if\nthe SUNRPC client sends the AUTH_TLS probe to the server but doesn\u0027t\nfollow it up with the ClientHello due to a problem with tlshd. When the\ntimeout is hit on the server, the server will send a FIN, which triggers\na cancellation request via xs_reset_transport(). When the timeout is\nhit on the client, another cancellation request happens via\nxs_tls_handshake_sync().\n\nAdd a test_and_set_bit(HANDSHAKE_F_REQ_COMPLETED) in the pending cancel\npath so duplicate cancels can be detected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68775",
"url": "https://www.suse.com/security/cve/CVE-2025-68775"
},
{
"category": "external",
"summary": "SUSE Bug 1256665 for CVE-2025-68775",
"url": "https://bugzilla.suse.com/1256665"
},
{
"category": "external",
"summary": "SUSE Bug 1256666 for CVE-2025-68775",
"url": "https://bugzilla.suse.com/1256666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-68775"
},
{
"cve": "CVE-2025-68776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/hsr: fix NULL pointer dereference in prp_get_untagged_frame()\n\nprp_get_untagged_frame() calls __pskb_copy() to create frame-\u003eskb_std\nbut doesn\u0027t check if the allocation failed. If __pskb_copy() returns\nNULL, skb_clone() is called with a NULL pointer, causing a crash:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 0 UID: 0 PID: 5625 Comm: syz.1.18 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:skb_clone+0xd7/0x3a0 net/core/skbuff.c:2041\nCode: 03 42 80 3c 20 00 74 08 4c 89 f7 e8 23 29 05 f9 49 83 3e 00 0f 85 a0 01 00 00 e8 94 dd 9d f8 48 8d 6b 7e 49 89 ee 49 c1 ee 03 \u003c43\u003e 0f b6 04 26 84 c0 0f 85 d1 01 00 00 44 0f b6 7d 00 41 83 e7 0c\nRSP: 0018:ffffc9000d00f200 EFLAGS: 00010207\nRAX: ffffffff892235a1 RBX: 0000000000000000 RCX: ffff88803372a480\nRDX: 0000000000000000 RSI: 0000000000000820 RDI: 0000000000000000\nRBP: 000000000000007e R08: ffffffff8f7d0f77 R09: 1ffffffff1efa1ee\nR10: dffffc0000000000 R11: fffffbfff1efa1ef R12: dffffc0000000000\nR13: 0000000000000820 R14: 000000000000000f R15: ffff88805144cc00\nFS: 0000555557f6d500(0000) GS:ffff88808d72f000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000555581d35808 CR3: 000000005040e000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n hsr_forward_do net/hsr/hsr_forward.c:-1 [inline]\n hsr_forward_skb+0x1013/0x2860 net/hsr/hsr_forward.c:741\n hsr_handle_frame+0x6ce/0xa70 net/hsr/hsr_slave.c:84\n __netif_receive_skb_core+0x10b9/0x4380 net/core/dev.c:5966\n __netif_receive_skb_one_core net/core/dev.c:6077 [inline]\n __netif_receive_skb+0x72/0x380 net/core/dev.c:6192\n netif_receive_skb_internal net/core/dev.c:6278 [inline]\n netif_receive_skb+0x1cb/0x790 net/core/dev.c:6337\n tun_rx_batched+0x1b9/0x730 drivers/net/tun.c:1485\n tun_get_user+0x2b65/0x3e90 drivers/net/tun.c:1953\n tun_chr_write_iter+0x113/0x200 drivers/net/tun.c:1999\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x5c9/0xb30 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f0449f8e1ff\nCode: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48\nRSP: 002b:00007ffd7ad94c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007f044a1e5fa0 RCX: 00007f0449f8e1ff\nRDX: 000000000000003e RSI: 0000200000000500 RDI: 00000000000000c8\nRBP: 00007ffd7ad94d20 R08: 0000000000000000 R09: 0000000000000000\nR10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001\nR13: 00007f044a1e5fa0 R14: 00007f044a1e5fa0 R15: 0000000000000003\n \u003c/TASK\u003e\n\nAdd a NULL check immediately after __pskb_copy() to handle allocation\nfailures gracefully.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68776",
"url": "https://www.suse.com/security/cve/CVE-2025-68776"
},
{
"category": "external",
"summary": "SUSE Bug 1256659 for CVE-2025-68776",
"url": "https://bugzilla.suse.com/1256659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68776"
},
{
"cve": "CVE-2025-68777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: ti_am335x_tsc - fix off-by-one error in wire_order validation\n\nThe current validation \u0027wire_order[i] \u003e ARRAY_SIZE(config_pins)\u0027 allows\nwire_order[i] to equal ARRAY_SIZE(config_pins), which causes out-of-bounds\naccess when used as index in \u0027config_pins[wire_order[i]]\u0027.\n\nSince config_pins has 4 elements (indices 0-3), the valid range for\nwire_order should be 0-3. Fix the off-by-one error by using \u003e= instead\nof \u003e in the validation check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68777",
"url": "https://www.suse.com/security/cve/CVE-2025-68777"
},
{
"category": "external",
"summary": "SUSE Bug 1256655 for CVE-2025-68777",
"url": "https://bugzilla.suse.com/1256655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68777"
},
{
"cve": "CVE-2025-68783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-mixer: us16x08: validate meter packet indices\n\nget_meter_levels_from_urb() parses the 64-byte meter packets sent by\nthe device and fills the per-channel arrays meter_level[],\ncomp_level[] and master_level[] in struct snd_us16x08_meter_store.\n\nCurrently the function derives the channel index directly from the\nmeter packet (MUB2(meter_urb, s) - 1) and uses it to index those\narrays without validating the range. If the packet contains a\nnegative or out-of-range channel number, the driver may write past\nthe end of these arrays.\n\nIntroduce a local channel variable and validate it before updating the\narrays. We reject negative indices, limit meter_level[] and\ncomp_level[] to SND_US16X08_MAX_CHANNELS, and guard master_level[]\nupdates with ARRAY_SIZE(master_level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68783",
"url": "https://www.suse.com/security/cve/CVE-2025-68783"
},
{
"category": "external",
"summary": "SUSE Bug 1256650 for CVE-2025-68783",
"url": "https://bugzilla.suse.com/1256650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68783"
},
{
"cve": "CVE-2025-68788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: do not generate ACCESS/MODIFY events on child for special files\n\ninotify/fanotify do not allow users with no read access to a file to\nsubscribe to events (e.g. IN_ACCESS/IN_MODIFY), but they do allow the\nsame user to subscribe for watching events on children when the user\nhas access to the parent directory (e.g. /dev).\n\nUsers with no read access to a file but with read access to its parent\ndirectory can still stat the file and see if it was accessed/modified\nvia atime/mtime change.\n\nThe same is not true for special files (e.g. /dev/null). Users will not\ngenerally observe atime/mtime changes when other users read/write to\nspecial files, only when someone sets atime/mtime via utimensat().\n\nAlign fsnotify events with this stat behavior and do not generate\nACCESS/MODIFY events to parent watchers on read/write of special files.\nThe events are still generated to parent watchers on utimensat(). This\ncloses some side-channels that could be possibly used for information\nexfiltration [1].\n\n[1] https://snee.la/pdf/pubs/file-notification-attacks.pdf",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68788",
"url": "https://www.suse.com/security/cve/CVE-2025-68788"
},
{
"category": "external",
"summary": "SUSE Bug 1256638 for CVE-2025-68788",
"url": "https://bugzilla.suse.com/1256638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68788"
},
{
"cve": "CVE-2025-68789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68789"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68789",
"url": "https://www.suse.com/security/cve/CVE-2025-68789"
},
{
"category": "external",
"summary": "SUSE Bug 1256781 for CVE-2025-68789",
"url": "https://bugzilla.suse.com/1256781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68789"
},
{
"cve": "CVE-2025-68795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: Avoid overflowing userspace buffer on stats query\n\nThe ethtool -S command operates across three ioctl calls:\nETHTOOL_GSSET_INFO for the size, ETHTOOL_GSTRINGS for the names, and\nETHTOOL_GSTATS for the values.\n\nIf the number of stats changes between these calls (e.g., due to device\nreconfiguration), userspace\u0027s buffer allocation will be incorrect,\npotentially leading to buffer overflow.\n\nDrivers are generally expected to maintain stable stat counts, but some\ndrivers (e.g., mlx5, bnx2x, bna, ksz884x) use dynamic counters, making\nthis scenario possible.\n\nSome drivers try to handle this internally:\n- bnad_get_ethtool_stats() returns early in case stats.n_stats is not\n equal to the driver\u0027s stats count.\n- micrel/ksz884x also makes sure not to write anything beyond\n stats.n_stats and overflow the buffer.\n\nHowever, both use stats.n_stats which is already assigned with the value\nreturned from get_sset_count(), hence won\u0027t solve the issue described\nhere.\n\nChange ethtool_get_strings(), ethtool_get_stats(),\nethtool_get_phy_stats() to not return anything in case of a mismatch\nbetween userspace\u0027s size and get_sset_size(), to prevent buffer\noverflow.\nThe returned n_stats value will be equal to zero, to reflect that\nnothing has been returned.\n\nThis could result in one of two cases when using upstream ethtool,\ndepending on when the size change is detected:\n1. When detected in ethtool_get_strings():\n # ethtool -S eth2\n no stats available\n\n2. When detected in get stats, all stats will be reported as zero.\n\nBoth cases are presumably transient, and a subsequent ethtool call\nshould succeed.\n\nOther than the overflow avoidance, these two cases are very evident (no\noutput/cleared stats), which is arguably better than presenting\nincorrect/shifted stats.\nI also considered returning an error instead of a \"silent\" response, but\nthat seems more destructive towards userspace apps.\n\nNotes:\n- This patch does not claim to fix the inherent race, it only makes sure\n that we do not overflow the userspace buffer, and makes for a more\n predictable behavior.\n\n- RTNL lock is held during each ioctl, the race window exists between\n the separate ioctl calls when the lock is released.\n\n- Userspace ethtool always fills stats.n_stats, but it is likely that\n these stats ioctls are implemented in other userspace applications\n which might not fill it. The added code checks that it\u0027s not zero,\n to prevent any regressions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68795",
"url": "https://www.suse.com/security/cve/CVE-2025-68795"
},
{
"category": "external",
"summary": "SUSE Bug 1256688 for CVE-2025-68795",
"url": "https://bugzilla.suse.com/1256688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68795"
},
{
"cve": "CVE-2025-68797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nchar: applicom: fix NULL pointer dereference in ac_ioctl\n\nDiscovered by Atuin - Automated Vulnerability Discovery Engine.\n\nIn ac_ioctl, the validation of IndexCard and the check for a valid\nRamIO pointer are skipped when cmd is 6. However, the function\nunconditionally executes readb(apbs[IndexCard].RamIO + VERS) at the\nend.\n\nIf cmd is 6, IndexCard may reference a board that does not exist\n(where RamIO is NULL), leading to a NULL pointer dereference.\n\nFix this by skipping the readb access when cmd is 6, as this\ncommand is a global information query and does not target a specific\nboard context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68797",
"url": "https://www.suse.com/security/cve/CVE-2025-68797"
},
{
"category": "external",
"summary": "SUSE Bug 1256660 for CVE-2025-68797",
"url": "https://bugzilla.suse.com/1256660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68797"
},
{
"cve": "CVE-2025-68798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd: Check event before enable to avoid GPF\n\nOn AMD machines cpuc-\u003eevents[idx] can become NULL in a subtle race\ncondition with NMI-\u003ethrottle-\u003ex86_pmu_stop().\n\nCheck event for NULL in amd_pmu_enable_all() before enable to avoid a GPF.\nThis appears to be an AMD only issue.\n\nSyzkaller reported a GPF in amd_pmu_enable_all.\n\nINFO: NMI handler (perf_event_nmi_handler) took too long to run: 13.143\n msecs\nOops: general protection fault, probably for non-canonical address\n 0xdffffc0000000034: 0000 PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x00000000000001a0-0x00000000000001a7]\nCPU: 0 UID: 0 PID: 328415 Comm: repro_36674776 Not tainted 6.12.0-rc1-syzk\nRIP: 0010:x86_pmu_enable_event (arch/x86/events/perf_event.h:1195\n arch/x86/events/core.c:1430)\nRSP: 0018:ffff888118009d60 EFLAGS: 00010012\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000034 RSI: 0000000000000000 RDI: 00000000000001a0\nRBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002\nR13: ffff88811802a440 R14: ffff88811802a240 R15: ffff8881132d8601\nFS: 00007f097dfaa700(0000) GS:ffff888118000000(0000) GS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200001c0 CR3: 0000000103d56000 CR4: 00000000000006f0\nCall Trace:\n \u003cIRQ\u003e\namd_pmu_enable_all (arch/x86/events/amd/core.c:760 (discriminator 2))\nx86_pmu_enable (arch/x86/events/core.c:1360)\nevent_sched_out (kernel/events/core.c:1191 kernel/events/core.c:1186\n kernel/events/core.c:2346)\n__perf_remove_from_context (kernel/events/core.c:2435)\nevent_function (kernel/events/core.c:259)\nremote_function (kernel/events/core.c:92 (discriminator 1)\n kernel/events/core.c:72 (discriminator 1))\n__flush_smp_call_function_queue (./arch/x86/include/asm/jump_label.h:27\n ./include/linux/jump_label.h:207 ./include/trace/events/csd.h:64\n kernel/smp.c:135 kernel/smp.c:540)\n__sysvec_call_function_single (./arch/x86/include/asm/jump_label.h:27\n ./include/linux/jump_label.h:207\n ./arch/x86/include/asm/trace/irq_vectors.h:99 arch/x86/kernel/smp.c:272)\nsysvec_call_function_single (arch/x86/kernel/smp.c:266 (discriminator 47)\n arch/x86/kernel/smp.c:266 (discriminator 47))\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68798",
"url": "https://www.suse.com/security/cve/CVE-2025-68798"
},
{
"category": "external",
"summary": "SUSE Bug 1256689 for CVE-2025-68798",
"url": "https://bugzilla.suse.com/1256689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68798"
},
{
"cve": "CVE-2025-68800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats\n\nCited commit added a dedicated mutex (instead of RTNL) to protect the\nmulticast route list, so that it will not change while the driver\nperiodically traverses it in order to update the kernel about multicast\nroute stats that were queried from the device.\n\nOne instance of list entry deletion (during route replace) was missed\nand it can result in a use-after-free [1].\n\nFix by acquiring the mutex before deleting the entry from the list and\nreleasing it afterwards.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum]\nRead of size 8 at addr ffff8881523c2fa8 by task kworker/2:5/22043\n\nCPU: 2 UID: 0 PID: 22043 Comm: kworker/2:5 Not tainted 6.18.0-rc1-custom-g1a3d6d7cd014 #1 PREEMPT(full)\nHardware name: Mellanox Technologies Ltd. MSN2010/SA002610, BIOS 5.6.5 08/24/2017\nWorkqueue: mlxsw_core mlxsw_sp_mr_stats_update [mlxsw_spectrum]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xba/0x110\n print_report+0x174/0x4f5\n kasan_report+0xdf/0x110\n mlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum]\n process_one_work+0x9cc/0x18e0\n worker_thread+0x5df/0xe40\n kthread+0x3b8/0x730\n ret_from_fork+0x3e9/0x560\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 29933:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n mlxsw_sp_mr_route_add+0xd8/0x4770 [mlxsw_spectrum]\n mlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]\n process_one_work+0x9cc/0x18e0\n worker_thread+0x5df/0xe40\n kthread+0x3b8/0x730\n ret_from_fork+0x3e9/0x560\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 29933:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_save_free_info+0x3b/0x70\n __kasan_slab_free+0x43/0x70\n kfree+0x14e/0x700\n mlxsw_sp_mr_route_add+0x2dea/0x4770 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:444 [mlxsw_spectrum]\n mlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]\n process_one_work+0x9cc/0x18e0\n worker_thread+0x5df/0xe40\n kthread+0x3b8/0x730\n ret_from_fork+0x3e9/0x560\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68800",
"url": "https://www.suse.com/security/cve/CVE-2025-68800"
},
{
"category": "external",
"summary": "SUSE Bug 1256646 for CVE-2025-68800",
"url": "https://bugzilla.suse.com/1256646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68800"
},
{
"cve": "CVE-2025-68801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_router: Fix neighbour use-after-free\n\nWe sometimes observe use-after-free when dereferencing a neighbour [1].\nThe problem seems to be that the driver stores a pointer to the\nneighbour, but without holding a reference on it. A reference is only\ntaken when the neighbour is used by a nexthop.\n\nFix by simplifying the reference counting scheme. Always take a\nreference when storing a neighbour pointer in a neighbour entry. Avoid\ntaking a referencing when the neighbour is used by a nexthop as the\nneighbour entry associated with the nexthop already holds a reference.\n\nTested by running the test that uncovered the problem over 300 times.\nWithout this patch the problem was reproduced after a handful of\niterations.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_neigh_entry_update+0x2d4/0x310\nRead of size 8 at addr ffff88817f8e3420 by task ip/3929\n\nCPU: 3 UID: 0 PID: 3929 Comm: ip Not tainted 6.18.0-rc4-virtme-g36b21a067510 #3 PREEMPT(full)\nHardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6f/0xa0\n print_address_description.constprop.0+0x6e/0x300\n print_report+0xfc/0x1fb\n kasan_report+0xe4/0x110\n mlxsw_sp_neigh_entry_update+0x2d4/0x310\n mlxsw_sp_router_rif_gone_sync+0x35f/0x510\n mlxsw_sp_rif_destroy+0x1ea/0x730\n mlxsw_sp_inetaddr_port_vlan_event+0xa1/0x1b0\n __mlxsw_sp_inetaddr_lag_event+0xcc/0x130\n __mlxsw_sp_inetaddr_event+0xf5/0x3c0\n mlxsw_sp_router_netdevice_event+0x1015/0x1580\n notifier_call_chain+0xcc/0x150\n call_netdevice_notifiers_info+0x7e/0x100\n __netdev_upper_dev_unlink+0x10b/0x210\n netdev_upper_dev_unlink+0x79/0xa0\n vrf_del_slave+0x18/0x50\n do_set_master+0x146/0x7d0\n do_setlink.isra.0+0x9a0/0x2880\n rtnl_newlink+0x637/0xb20\n rtnetlink_rcv_msg+0x6fe/0xb90\n netlink_rcv_skb+0x123/0x380\n netlink_unicast+0x4a3/0x770\n netlink_sendmsg+0x75b/0xc90\n __sock_sendmsg+0xbe/0x160\n ____sys_sendmsg+0x5b2/0x7d0\n ___sys_sendmsg+0xfd/0x180\n __sys_sendmsg+0x124/0x1c0\n do_syscall_64+0xbb/0xfd0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n[...]\n\nAllocated by task 109:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7b/0x90\n __kmalloc_noprof+0x2c1/0x790\n neigh_alloc+0x6af/0x8f0\n ___neigh_create+0x63/0xe90\n mlxsw_sp_nexthop_neigh_init+0x430/0x7e0\n mlxsw_sp_nexthop_type_init+0x212/0x960\n mlxsw_sp_nexthop6_group_info_init.constprop.0+0x81f/0x1280\n mlxsw_sp_nexthop6_group_get+0x392/0x6a0\n mlxsw_sp_fib6_entry_create+0x46a/0xfd0\n mlxsw_sp_router_fib6_replace+0x1ed/0x5f0\n mlxsw_sp_router_fib6_event_work+0x10a/0x2a0\n process_one_work+0xd57/0x1390\n worker_thread+0x4d6/0xd40\n kthread+0x355/0x5b0\n ret_from_fork+0x1d4/0x270\n ret_from_fork_asm+0x11/0x20\n\nFreed by task 154:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x43/0x70\n kmem_cache_free_bulk.part.0+0x1eb/0x5e0\n kvfree_rcu_bulk+0x1f2/0x260\n kfree_rcu_work+0x130/0x1b0\n process_one_work+0xd57/0x1390\n worker_thread+0x4d6/0xd40\n kthread+0x355/0x5b0\n ret_from_fork+0x1d4/0x270\n ret_from_fork_asm+0x11/0x20\n\nLast potentially related work creation:\n kasan_save_stack+0x30/0x50\n kasan_record_aux_stack+0x8c/0xa0\n kvfree_call_rcu+0x93/0x5b0\n mlxsw_sp_router_neigh_event_work+0x67d/0x860\n process_one_work+0xd57/0x1390\n worker_thread+0x4d6/0xd40\n kthread+0x355/0x5b0\n ret_from_fork+0x1d4/0x270\n ret_from_fork_asm+0x11/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68801",
"url": "https://www.suse.com/security/cve/CVE-2025-68801"
},
{
"category": "external",
"summary": "SUSE Bug 1256653 for CVE-2025-68801",
"url": "https://bugzilla.suse.com/1256653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68801"
},
{
"cve": "CVE-2025-68802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Limit num_syncs to prevent oversized allocations\n\nThe exec and vm_bind ioctl allow userspace to specify an arbitrary\nnum_syncs value. Without bounds checking, a very large num_syncs\ncan force an excessively large allocation, leading to kernel warnings\nfrom the page allocator as below.\n\nIntroduce DRM_XE_MAX_SYNCS (set to 1024) and reject any request\nexceeding this limit.\n\n\"\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 1217 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2f8/0x2180 mm/page_alloc.c:5124\n...\nCall Trace:\n \u003cTASK\u003e\n alloc_pages_mpol+0xe4/0x330 mm/mempolicy.c:2416\n ___kmalloc_large_node+0xd8/0x110 mm/slub.c:4317\n __kmalloc_large_node_noprof+0x18/0xe0 mm/slub.c:4348\n __do_kmalloc_node mm/slub.c:4364 [inline]\n __kmalloc_noprof+0x3d4/0x4b0 mm/slub.c:4388\n kmalloc_noprof include/linux/slab.h:909 [inline]\n kmalloc_array_noprof include/linux/slab.h:948 [inline]\n xe_exec_ioctl+0xa47/0x1e70 drivers/gpu/drm/xe/xe_exec.c:158\n drm_ioctl_kernel+0x1f1/0x3e0 drivers/gpu/drm/drm_ioctl.c:797\n drm_ioctl+0x5e7/0xc50 drivers/gpu/drm/drm_ioctl.c:894\n xe_drm_ioctl+0x10b/0x170 drivers/gpu/drm/xe/xe_device.c:224\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:598 [inline]\n __se_sys_ioctl fs/ioctl.c:584 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:584\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xbb/0x380 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n\"\n\nv2: Add \"Reported-by\" and Cc stable kernels.\nv3: Change XE_MAX_SYNCS from 64 to 1024. (Matt \u0026 Ashutosh)\nv4: s/XE_MAX_SYNCS/DRM_XE_MAX_SYNCS/ (Matt)\nv5: Do the check at the top of the exec func. (Matt)\n\n(cherry picked from commit b07bac9bd708ec468cd1b8a5fe70ae2ac9b0a11c)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68802",
"url": "https://www.suse.com/security/cve/CVE-2025-68802"
},
{
"category": "external",
"summary": "SUSE Bug 1256661 for CVE-2025-68802",
"url": "https://bugzilla.suse.com/1256661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "low"
}
],
"title": "CVE-2025-68802"
},
{
"cve": "CVE-2025-68803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: NFSv4 file creation neglects setting ACL\n\nAn NFSv4 client that sets an ACL with a named principal during file\ncreation retrieves the ACL afterwards, and finds that it is only a\ndefault ACL (based on the mode bits) and not the ACL that was\nrequested during file creation. This violates RFC 8881 section\n6.4.1.3: \"the ACL attribute is set as given\".\n\nThe issue occurs in nfsd_create_setattr(), which calls\nnfsd_attrs_valid() to determine whether to call nfsd_setattr().\nHowever, nfsd_attrs_valid() checks only for iattr changes and\nsecurity labels, but not POSIX ACLs. When only an ACL is present,\nthe function returns false, nfsd_setattr() is skipped, and the\nPOSIX ACL is never applied to the inode.\n\nSubsequently, when the client retrieves the ACL, the server finds\nno POSIX ACL on the inode and returns one generated from the file\u0027s\nmode bits rather than returning the originally-specified ACL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68803",
"url": "https://www.suse.com/security/cve/CVE-2025-68803"
},
{
"category": "external",
"summary": "SUSE Bug 1256770 for CVE-2025-68803",
"url": "https://bugzilla.suse.com/1256770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68803"
},
{
"cve": "CVE-2025-68804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver\n\nAfter unbinding the driver, another kthread `cros_ec_console_log_work`\nis still accessing the device, resulting an UAF and crash.\n\nThe driver doesn\u0027t unregister the EC device in .remove() which should\nshutdown sub-devices synchronously. Fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68804",
"url": "https://www.suse.com/security/cve/CVE-2025-68804"
},
{
"category": "external",
"summary": "SUSE Bug 1256617 for CVE-2025-68804",
"url": "https://bugzilla.suse.com/1256617"
},
{
"category": "external",
"summary": "SUSE Bug 1256618 for CVE-2025-68804",
"url": "https://bugzilla.suse.com/1256618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-68804"
},
{
"cve": "CVE-2025-68808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: initialize local pointers upon transfer of memory ownership\n\nvidtv_channel_si_init() creates a temporary list (program, service, event)\nand ownership of the memory itself is transferred to the PAT/SDT/EIT\ntables through vidtv_psi_pat_program_assign(),\nvidtv_psi_sdt_service_assign(), vidtv_psi_eit_event_assign().\n\nThe problem here is that the local pointer where the memory ownership\ntransfer was completed is not initialized to NULL. This causes the\nvidtv_psi_pmt_create_sec_for_each_pat_entry() function to fail, and\nin the flow that jumps to free_eit, the memory that was freed by\nvidtv_psi_*_table_destroy() can be accessed again by\nvidtv_psi_*_event_destroy() due to the uninitialized local pointer, so it\nis freed once again.\n\nTherefore, to prevent use-after-free and double-free vulnerability,\nlocal pointers must be initialized to NULL when transferring memory\nownership.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68808",
"url": "https://www.suse.com/security/cve/CVE-2025-68808"
},
{
"category": "external",
"summary": "SUSE Bug 1256682 for CVE-2025-68808",
"url": "https://bugzilla.suse.com/1256682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68808"
},
{
"cve": "CVE-2025-68813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix ipv4 null-ptr-deref in route error path\n\nThe IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure()\nwithout ensuring skb-\u003edev is set, leading to a NULL pointer dereference\nin fib_compute_spec_dst() when ipv4_link_failure() attempts to send\nICMP destination unreachable messages.\n\nThe issue emerged after commit ed0de45a1008 (\"ipv4: recompile ip options\nin ipv4_link_failure\") started calling __ip_options_compile() from\nipv4_link_failure(). This code path eventually calls fib_compute_spec_dst()\nwhich dereferences skb-\u003edev. An attempt was made to fix the NULL skb-\u003edev\ndereference in commit 0113d9c9d1cc (\"ipv4: fix null-deref in\nipv4_link_failure\"), but it only addressed the immediate dev_net(skb-\u003edev)\ndereference by using a fallback device. The fix was incomplete because\nfib_compute_spec_dst() later in the call chain still accesses skb-\u003edev\ndirectly, which remains NULL when IPVS calls dst_link_failure().\n\nThe crash occurs when:\n1. IPVS processes a packet in NAT mode with a misconfigured destination\n2. Route lookup fails in __ip_vs_get_out_rt() before establishing a route\n3. The error path calls dst_link_failure(skb) with skb-\u003edev == NULL\n4. ipv4_link_failure() -\u003e ipv4_send_dest_unreach() -\u003e\n __ip_options_compile() -\u003e fib_compute_spec_dst()\n5. fib_compute_spec_dst() dereferences NULL skb-\u003edev\n\nApply the same fix used for IPv6 in commit 326bf17ea5d4 (\"ipvs: fix\nipv6 route unreach panic\"): set skb-\u003edev from skb_dst(skb)-\u003edev before\ncalling dst_link_failure().\n\nKASAN: null-ptr-deref in range [0x0000000000000328-0x000000000000032f]\nCPU: 1 PID: 12732 Comm: syz.1.3469 Not tainted 6.6.114 #2\nRIP: 0010:__in_dev_get_rcu include/linux/inetdevice.h:233\nRIP: 0010:fib_compute_spec_dst+0x17a/0x9f0 net/ipv4/fib_frontend.c:285\nCall Trace:\n \u003cTASK\u003e\n spec_dst_fill net/ipv4/ip_options.c:232\n spec_dst_fill net/ipv4/ip_options.c:229\n __ip_options_compile+0x13a1/0x17d0 net/ipv4/ip_options.c:330\n ipv4_send_dest_unreach net/ipv4/route.c:1252\n ipv4_link_failure+0x702/0xb80 net/ipv4/route.c:1265\n dst_link_failure include/net/dst.h:437\n __ip_vs_get_out_rt+0x15fd/0x19e0 net/netfilter/ipvs/ip_vs_xmit.c:412\n ip_vs_nat_xmit+0x1d8/0xc80 net/netfilter/ipvs/ip_vs_xmit.c:764",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68813",
"url": "https://www.suse.com/security/cve/CVE-2025-68813"
},
{
"category": "external",
"summary": "SUSE Bug 1256641 for CVE-2025-68813",
"url": "https://bugzilla.suse.com/1256641"
},
{
"category": "external",
"summary": "SUSE Bug 1256644 for CVE-2025-68813",
"url": "https://bugzilla.suse.com/1256644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-68813"
},
{
"cve": "CVE-2025-68814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix filename leak in __io_openat_prep()\n\n __io_openat_prep() allocates a struct filename using getname(). However,\nfor the condition of the file being installed in the fixed file table as\nwell as having O_CLOEXEC flag set, the function returns early. At that\npoint, the request doesn\u0027t have REQ_F_NEED_CLEANUP flag set. Due to this,\nthe memory for the newly allocated struct filename is not cleaned up,\ncausing a memory leak.\n\nFix this by setting the REQ_F_NEED_CLEANUP for the request just after the\nsuccessful getname() call, so that when the request is torn down, the\nfilename will be cleaned up, along with other resources needing cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68814",
"url": "https://www.suse.com/security/cve/CVE-2025-68814"
},
{
"category": "external",
"summary": "SUSE Bug 1256651 for CVE-2025-68814",
"url": "https://bugzilla.suse.com/1256651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68814"
},
{
"cve": "CVE-2025-68815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Remove drr class from the active list if it changes to strict\n\nWhenever a user issues an ets qdisc change command, transforming a\ndrr class into a strict one, the ets code isn\u0027t checking whether that\nclass was in the active list and removing it. This means that, if a\nuser changes a strict class (which was in the active list) back to a drr\none, that class will be added twice to the active list [1].\n\nDoing so with the following commands:\n\ntc qdisc add dev lo root handle 1: ets bands 2 strict 1\ntc qdisc add dev lo parent 1:2 handle 20: \\\n tbf rate 8bit burst 100b latency 1s\ntc filter add dev lo parent 1: basic classid 1:2\nping -c1 -W0.01 -s 56 127.0.0.1\ntc qdisc change dev lo root handle 1: ets bands 2 strict 2\ntc qdisc change dev lo root handle 1: ets bands 2 strict 1\nping -c1 -W0.01 -s 56 127.0.0.1\n\nWill trigger the following splat with list debug turned on:\n\n[ 59.279014][ T365] ------------[ cut here ]------------\n[ 59.279452][ T365] list_add double add: new=ffff88801d60e350, prev=ffff88801d60e350, next=ffff88801d60e2c0.\n[ 59.280153][ T365] WARNING: CPU: 3 PID: 365 at lib/list_debug.c:35 __list_add_valid_or_report+0x17f/0x220\n[ 59.280860][ T365] Modules linked in:\n[ 59.281165][ T365] CPU: 3 UID: 0 PID: 365 Comm: tc Not tainted 6.18.0-rc7-00105-g7e9f13163c13-dirty #239 PREEMPT(voluntary)\n[ 59.281977][ T365] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n[ 59.282391][ T365] RIP: 0010:__list_add_valid_or_report+0x17f/0x220\n[ 59.282842][ T365] Code: 89 c6 e8 d4 b7 0d ff 90 0f 0b 90 90 31 c0 e9 31 ff ff ff 90 48 c7 c7 e0 a0 22 9f 48 89 f2 48 89 c1 4c 89 c6 e8 b2 b7 0d ff 90 \u003c0f\u003e 0b 90 90 31 c0 e9 0f ff ff ff 48 89 f7 48 89 44 24 10 4c 89 44\n...\n[ 59.288812][ T365] Call Trace:\n[ 59.289056][ T365] \u003cTASK\u003e\n[ 59.289224][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.289546][ T365] ets_qdisc_change+0xd2b/0x1e80\n[ 59.289891][ T365] ? __lock_acquire+0x7e7/0x1be0\n[ 59.290223][ T365] ? __pfx_ets_qdisc_change+0x10/0x10\n[ 59.290546][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.290898][ T365] ? __mutex_trylock_common+0xda/0x240\n[ 59.291228][ T365] ? __pfx___mutex_trylock_common+0x10/0x10\n[ 59.291655][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.291993][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.292313][ T365] ? trace_contention_end+0xc8/0x110\n[ 59.292656][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.293022][ T365] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 59.293351][ T365] tc_modify_qdisc+0x63a/0x1cf0\n\nFix this by always checking and removing an ets class from the active list\nwhen changing it to strict.\n\n[1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/tree/net/sched/sch_ets.c?id=ce052b9402e461a9aded599f5b47e76bc727f7de#n663",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68815",
"url": "https://www.suse.com/security/cve/CVE-2025-68815"
},
{
"category": "external",
"summary": "SUSE Bug 1256680 for CVE-2025-68815",
"url": "https://bugzilla.suse.com/1256680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68815"
},
{
"cve": "CVE-2025-68816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: fw_tracer, Validate format string parameters\n\nAdd validation for format string parameters in the firmware tracer to\nprevent potential security vulnerabilities and crashes from malformed\nformat strings received from firmware.\n\nThe firmware tracer receives format strings from the device firmware and\nuses them to format trace messages. Without proper validation, bad\nfirmware could provide format strings with invalid format specifiers\n(e.g., %s, %p, %n) that could lead to crashes, or other undefined\nbehavior.\n\nAdd mlx5_tracer_validate_params() to validate that all format specifiers\nin trace strings are limited to safe integer/hex formats (%x, %d, %i,\n%u, %llx, %lx, etc.). Reject strings containing other format types that\ncould be used to access arbitrary memory or cause crashes.\nInvalid format strings are added to the trace output for visibility with\n\"BAD_FORMAT: \" prefix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68816",
"url": "https://www.suse.com/security/cve/CVE-2025-68816"
},
{
"category": "external",
"summary": "SUSE Bug 1256674 for CVE-2025-68816",
"url": "https://bugzilla.suse.com/1256674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68816"
},
{
"cve": "CVE-2025-68819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()\n\nrlen value is a user-controlled value, but dtv5100_i2c_msg() does not\ncheck the size of the rlen value. Therefore, if it is set to a value\nlarger than sizeof(st-\u003edata), an out-of-bounds vuln occurs for st-\u003edata.\n\nTherefore, we need to add proper range checking to prevent this vuln.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68819",
"url": "https://www.suse.com/security/cve/CVE-2025-68819"
},
{
"category": "external",
"summary": "SUSE Bug 1256664 for CVE-2025-68819",
"url": "https://bugzilla.suse.com/1256664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68819"
},
{
"cve": "CVE-2025-68820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: xattr: fix null pointer deref in ext4_raw_inode()\n\nIf ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED),\niloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all()\nlacks error checking, this will lead to a null pointer dereference\nin ext4_raw_inode(), called right after ext4_get_inode_loc().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68820",
"url": "https://www.suse.com/security/cve/CVE-2025-68820"
},
{
"category": "external",
"summary": "SUSE Bug 1256754 for CVE-2025-68820",
"url": "https://bugzilla.suse.com/1256754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-68820"
},
{
"cve": "CVE-2025-71064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: using the num_tqps in the vf driver to apply for resources\n\nCurrently, hdev-\u003ehtqp is allocated using hdev-\u003enum_tqps, and kinfo-\u003etqp\nis allocated using kinfo-\u003enum_tqps. However, kinfo-\u003enum_tqps is set to\nmin(new_tqps, hdev-\u003enum_tqps); Therefore, kinfo-\u003enum_tqps may be smaller\nthan hdev-\u003enum_tqps, which causes some hdev-\u003ehtqp[i] to remain\nuninitialized in hclgevf_knic_setup().\n\nThus, this patch allocates hdev-\u003ehtqp and kinfo-\u003etqp using hdev-\u003enum_tqps,\nensuring that the lengths of hdev-\u003ehtqp and kinfo-\u003etqp are consistent\nand that all elements are properly initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71064",
"url": "https://www.suse.com/security/cve/CVE-2025-71064"
},
{
"category": "external",
"summary": "SUSE Bug 1256654 for CVE-2025-71064",
"url": "https://bugzilla.suse.com/1256654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71064"
},
{
"cve": "CVE-2025-71066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`. It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n struct netlink_ext_ack *extack)\n{\n...\n\n // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n //to race with .dequeue handler (`ets_qdisc_dequeue`)\n sch_tree_lock(sch);\n\n for (i = nbands; i \u003c oldbands; i++) {\n if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n list_del_init(\u0026q-\u003eclasses[i].alist);\n qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n }\n\n WRITE_ONCE(q-\u003enbands, nbands);\n for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t // (2) the class is added to the q-\u003eactive\n list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n q-\u003eclasses[i].deficit = quanta[i];\n }\n }\n WRITE_ONCE(q-\u003enstrict, nstrict);\n memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n for (i = 0; i \u003c q-\u003enbands; i++)\n WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n for (i = oldbands; i \u003c q-\u003enbands; i++) {\n q-\u003eclasses[i].qdisc = queues[i];\n if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n }\n\n // (3) the qdisc is unlocked, now dequeue can be called in parallel\n // to the rest of .change handler\n sch_tree_unlock(sch);\n\n ets_offload_change(sch);\n for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t // freeing it\n qdisc_put(q-\u003eclasses[i].qdisc);\n\t // (5) If we call .dequeue between (4) and (5), we will have\n\t // a strong UAF and we can control RIP\n q-\u003eclasses[i].qdisc = NULL;\n WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n q-\u003eclasses[i].deficit = 0;\n gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n }\n return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\" # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71066",
"url": "https://www.suse.com/security/cve/CVE-2025-71066"
},
{
"category": "external",
"summary": "SUSE Bug 1256645 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1256645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-71066"
},
{
"cve": "CVE-2025-71076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/oa: Limit num_syncs to prevent oversized allocations\n\nThe OA open parameters did not validate num_syncs, allowing\nuserspace to pass arbitrarily large values, potentially\nleading to excessive allocations.\n\nAdd check to ensure that num_syncs does not exceed DRM_XE_MAX_SYNCS,\nreturning -EINVAL when the limit is violated.\n\nv2: use XE_IOCTL_DBG() and drop duplicated check. (Ashutosh)\n\n(cherry picked from commit e057b2d2b8d815df3858a87dffafa2af37e5945b)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71076",
"url": "https://www.suse.com/security/cve/CVE-2025-71076"
},
{
"category": "external",
"summary": "SUSE Bug 1256627 for CVE-2025-71076",
"url": "https://bugzilla.suse.com/1256627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71076"
},
{
"cve": "CVE-2025-71077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Cap the number of PCR banks\n\ntpm2_get_pcr_allocation() does not cap any upper limit for the number of\nbanks. Cap the limit to eight banks so that out of bounds values coming\nfrom external I/O cause on only limited harm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71077",
"url": "https://www.suse.com/security/cve/CVE-2025-71077"
},
{
"category": "external",
"summary": "SUSE Bug 1256613 for CVE-2025-71077",
"url": "https://bugzilla.suse.com/1256613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71077"
},
{
"cve": "CVE-2025-71078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s/slb: Fix SLB multihit issue during SLB preload\n\nOn systems using the hash MMU, there is a software SLB preload cache that\nmirrors the entries loaded into the hardware SLB buffer. This preload\ncache is subject to periodic eviction - typically after every 256 context\nswitches - to remove old entry.\n\nTo optimize performance, the kernel skips switch_mmu_context() in\nswitch_mm_irqs_off() when the prev and next mm_struct are the same.\nHowever, on hash MMU systems, this can lead to inconsistencies between\nthe hardware SLB and the software preload cache.\n\nIf an SLB entry for a process is evicted from the software cache on one\nCPU, and the same process later runs on another CPU without executing\nswitch_mmu_context(), the hardware SLB may retain stale entries. If the\nkernel then attempts to reload that entry, it can trigger an SLB\nmulti-hit error.\n\nThe following timeline shows how stale SLB entries are created and can\ncause a multi-hit error when a process moves between CPUs without a\nMMU context switch.\n\nCPU 0 CPU 1\n----- -----\nProcess P\nexec swapper/1\n load_elf_binary\n begin_new_exc\n activate_mm\n switch_mm_irqs_off\n switch_mmu_context\n switch_slb\n /*\n * This invalidates all\n * the entries in the HW\n * and setup the new HW\n * SLB entries as per the\n * preload cache.\n */\ncontext_switch\nsched_migrate_task migrates process P to cpu-1\n\nProcess swapper/0 context switch (to process P)\n(uses mm_struct of Process P) switch_mm_irqs_off()\n switch_slb\n load_slb++\n /*\n * load_slb becomes 0 here\n * and we evict an entry from\n * the preload cache with\n * preload_age(). We still\n * keep HW SLB and preload\n * cache in sync, that is\n * because all HW SLB entries\n * anyways gets evicted in\n * switch_slb during SLBIA.\n * We then only add those\n * entries back in HW SLB,\n * which are currently\n * present in preload_cache\n * (after eviction).\n */\n load_elf_binary continues...\n setup_new_exec()\n slb_setup_new_exec()\n\n sched_switch event\n sched_migrate_task migrates\n process P to cpu-0\n\ncontext_switch from swapper/0 to Process P\n switch_mm_irqs_off()\n /*\n * Since both prev and next mm struct are same we don\u0027t call\n * switch_mmu_context(). This will cause the HW SLB and SW preload\n * cache to go out of sync in preload_new_slb_context. Because there\n * was an SLB entry which was evicted from both HW and preload cache\n * on cpu-1. Now later in preload_new_slb_context(), when we will try\n * to add the same preload entry again, we will add this to the SW\n * preload cache and then will add it to the HW SLB. Since on cpu-0\n * this entry was never invalidated, hence adding this entry to the HW\n * SLB will cause a SLB multi-hit error.\n */\nload_elf_binary cont\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71078",
"url": "https://www.suse.com/security/cve/CVE-2025-71078"
},
{
"category": "external",
"summary": "SUSE Bug 1256616 for CVE-2025-71078",
"url": "https://bugzilla.suse.com/1256616"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71078"
},
{
"cve": "CVE-2025-71079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write\n\nA deadlock can occur between nfc_unregister_device() and rfkill_fop_write()\ndue to lock ordering inversion between device_lock and rfkill_global_mutex.\n\nThe problematic lock order is:\n\nThread A (rfkill_fop_write):\n rfkill_fop_write()\n mutex_lock(\u0026rfkill_global_mutex)\n rfkill_set_block()\n nfc_rfkill_set_block()\n nfc_dev_down()\n device_lock(\u0026dev-\u003edev) \u003c- waits for device_lock\n\nThread B (nfc_unregister_device):\n nfc_unregister_device()\n device_lock(\u0026dev-\u003edev)\n rfkill_unregister()\n mutex_lock(\u0026rfkill_global_mutex) \u003c- waits for rfkill_global_mutex\n\nThis creates a classic ABBA deadlock scenario.\n\nFix this by moving rfkill_unregister() and rfkill_destroy() outside the\ndevice_lock critical section. Store the rfkill pointer in a local variable\nbefore releasing the lock, then call rfkill_unregister() after releasing\ndevice_lock.\n\nThis change is safe because rfkill_fop_write() holds rfkill_global_mutex\nwhile calling the rfkill callbacks, and rfkill_unregister() also acquires\nrfkill_global_mutex before cleanup. Therefore, rfkill_unregister() will\nwait for any ongoing callback to complete before proceeding, and\ndevice_del() is only called after rfkill_unregister() returns, preventing\nany use-after-free.\n\nThe similar lock ordering in nfc_register_device() (device_lock -\u003e\nrfkill_global_mutex via rfkill_register) is safe because during\nregistration the device is not yet in rfkill_list, so no concurrent\nrfkill operations can occur on this device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71079",
"url": "https://www.suse.com/security/cve/CVE-2025-71079"
},
{
"category": "external",
"summary": "SUSE Bug 1256619 for CVE-2025-71079",
"url": "https://bugzilla.suse.com/1256619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71079"
},
{
"cve": "CVE-2025-71080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT\n\nOn PREEMPT_RT kernels, after rt6_get_pcpu_route() returns NULL, the\ncurrent task can be preempted. Another task running on the same CPU\nmay then execute rt6_make_pcpu_route() and successfully install a\npcpu_rt entry. When the first task resumes execution, its cmpxchg()\nin rt6_make_pcpu_route() will fail because rt6i_pcpu is no longer\nNULL, triggering the BUG_ON(prev). It\u0027s easy to reproduce it by adding\nmdelay() after rt6_get_pcpu_route().\n\nUsing preempt_disable/enable is not appropriate here because\nip6_rt_pcpu_alloc() may sleep.\n\nFix this by handling the cmpxchg() failure gracefully on PREEMPT_RT:\nfree our allocation and return the existing pcpu_rt installed by\nanother task. The BUG_ON is replaced by WARN_ON_ONCE for non-PREEMPT_RT\nkernels where such races should not occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71080",
"url": "https://www.suse.com/security/cve/CVE-2025-71080"
},
{
"category": "external",
"summary": "SUSE Bug 1256608 for CVE-2025-71080",
"url": "https://bugzilla.suse.com/1256608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "low"
}
],
"title": "CVE-2025-71080"
},
{
"cve": "CVE-2025-71081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: stm32: sai: fix OF node leak on probe\n\nThe reference taken to the sync provider OF node when probing the\nplatform device is currently only dropped if the set_sync() callback\nfails during DAI probe.\n\nMake sure to drop the reference on platform probe failures (e.g. probe\ndeferral) and on driver unbind.\n\nThis also avoids a potential use-after-free in case the DAI is ever\nreprobed without first rebinding the platform driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71081",
"url": "https://www.suse.com/security/cve/CVE-2025-71081"
},
{
"category": "external",
"summary": "SUSE Bug 1256609 for CVE-2025-71081",
"url": "https://bugzilla.suse.com/1256609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71081"
},
{
"cve": "CVE-2025-71082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71082"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: revert use of devm_kzalloc in btusb\n\nThis reverts commit 98921dbd00c4e (\"Bluetooth: Use devm_kzalloc in\nbtusb.c file\").\n\nIn btusb_probe(), we use devm_kzalloc() to allocate the btusb data. This\nties the lifetime of all the btusb data to the binding of a driver to\none interface, INTF. In a driver that binds to other interfaces, ISOC\nand DIAG, this is an accident waiting to happen.\n\nThe issue is revealed in btusb_disconnect(), where calling\nusb_driver_release_interface(\u0026btusb_driver, data-\u003eintf) will have devm\nfree the data that is also being used by the other interfaces of the\ndriver that may not be released yet.\n\nTo fix this, revert the use of devm and go back to freeing memory\nexplicitly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71082",
"url": "https://www.suse.com/security/cve/CVE-2025-71082"
},
{
"category": "external",
"summary": "SUSE Bug 1256611 for CVE-2025-71082",
"url": "https://bugzilla.suse.com/1256611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71082"
},
{
"cve": "CVE-2025-71083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: Avoid NULL pointer deref for evicted BOs\n\nIt is possible for a BO to exist that is not currently associated with a\nresource, e.g. because it has been evicted.\n\nWhen devcoredump tries to read the contents of all BOs for dumping, we need\nto expect this as well -- in this case, ENODATA is recorded instead of the\nbuffer contents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71083",
"url": "https://www.suse.com/security/cve/CVE-2025-71083"
},
{
"category": "external",
"summary": "SUSE Bug 1256610 for CVE-2025-71083",
"url": "https://bugzilla.suse.com/1256610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71083"
},
{
"cve": "CVE-2025-71084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71084"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cm: Fix leaking the multicast GID table reference\n\nIf the CM ID is destroyed while the CM event for multicast creating is\nstill queued the cancel_work_sync() will prevent the work from running\nwhich also prevents destroying the ah_attr. This leaks a refcount and\ntriggers a WARN:\n\n GID entry ref leak for dev syz1 index 2 ref=573\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 release_gid_table drivers/infiniband/core/cache.c:806 [inline]\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886\n\nDestroy the ah_attr after canceling the work, it is safe to call this\ntwice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71084",
"url": "https://www.suse.com/security/cve/CVE-2025-71084"
},
{
"category": "external",
"summary": "SUSE Bug 1256622 for CVE-2025-71084",
"url": "https://bugzilla.suse.com/1256622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "low"
}
],
"title": "CVE-2025-71084"
},
{
"cve": "CVE-2025-71085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()\n\nThere exists a kernel oops caused by a BUG_ON(nhead \u003c 0) at\nnet/core/skbuff.c:2232 in pskb_expand_head().\nThis bug is triggered as part of the calipso_skbuff_setattr()\nroutine when skb_cow() is passed headroom \u003e INT_MAX\n(i.e. (int)(skb_headroom(skb) + len_delta) \u003c 0).\n\nThe root cause of the bug is due to an implicit integer cast in\n__skb_cow(). The check (headroom \u003e skb_headroom(skb)) is meant to ensure\nthat delta = headroom - skb_headroom(skb) is never negative, otherwise\nwe will trigger a BUG_ON in pskb_expand_head(). However, if\nheadroom \u003e INT_MAX and delta \u003c= -NET_SKB_PAD, the check passes, delta\nbecomes negative, and pskb_expand_head() is passed a negative value for\nnhead.\n\nFix the trigger condition in calipso_skbuff_setattr(). Avoid passing\n\"negative\" headroom sizes to skb_cow() within calipso_skbuff_setattr()\nby only using skb_cow() to grow headroom.\n\nPoC:\n\tUsing `netlabelctl` tool:\n\n netlabelctl map del default\n netlabelctl calipso add pass doi:7\n netlabelctl map add default address:0::1/128 protocol:calipso,7\n\n Then run the following PoC:\n\n int fd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);\n\n // setup msghdr\n int cmsg_size = 2;\n int cmsg_len = 0x60;\n struct msghdr msg;\n struct sockaddr_in6 dest_addr;\n struct cmsghdr * cmsg = (struct cmsghdr *) calloc(1,\n sizeof(struct cmsghdr) + cmsg_len);\n msg.msg_name = \u0026dest_addr;\n msg.msg_namelen = sizeof(dest_addr);\n msg.msg_iov = NULL;\n msg.msg_iovlen = 0;\n msg.msg_control = cmsg;\n msg.msg_controllen = cmsg_len;\n msg.msg_flags = 0;\n\n // setup sockaddr\n dest_addr.sin6_family = AF_INET6;\n dest_addr.sin6_port = htons(31337);\n dest_addr.sin6_flowinfo = htonl(31337);\n dest_addr.sin6_addr = in6addr_loopback;\n dest_addr.sin6_scope_id = 31337;\n\n // setup cmsghdr\n cmsg-\u003ecmsg_len = cmsg_len;\n cmsg-\u003ecmsg_level = IPPROTO_IPV6;\n cmsg-\u003ecmsg_type = IPV6_HOPOPTS;\n char * hop_hdr = (char *)cmsg + sizeof(struct cmsghdr);\n hop_hdr[1] = 0x9; //set hop size - (0x9 + 1) * 8 = 80\n\n sendmsg(fd, \u0026msg, 0);",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71085",
"url": "https://www.suse.com/security/cve/CVE-2025-71085"
},
{
"category": "external",
"summary": "SUSE Bug 1256623 for CVE-2025-71085",
"url": "https://bugzilla.suse.com/1256623"
},
{
"category": "external",
"summary": "SUSE Bug 1256624 for CVE-2025-71085",
"url": "https://bugzilla.suse.com/1256624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-71085"
},
{
"cve": "CVE-2025-71086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix invalid array index in rose_kill_by_device()\n\nrose_kill_by_device() collects sockets into a local array[] and then\niterates over them to disconnect sockets bound to a device being brought\ndown.\n\nThe loop mistakenly indexes array[cnt] instead of array[i]. For cnt \u003c\nARRAY_SIZE(array), this reads an uninitialized entry; for cnt ==\nARRAY_SIZE(array), it is an out-of-bounds read. Either case can lead to\nan invalid socket pointer dereference and also leaks references taken\nvia sock_hold().\n\nFix the index to use i.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71086",
"url": "https://www.suse.com/security/cve/CVE-2025-71086"
},
{
"category": "external",
"summary": "SUSE Bug 1256625 for CVE-2025-71086",
"url": "https://bugzilla.suse.com/1256625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71086"
},
{
"cve": "CVE-2025-71087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71087"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: fix off-by-one issues in iavf_config_rss_reg()\n\nThere are off-by-one bugs when configuring RSS hash key and lookup\ntable, causing out-of-bounds reads to memory [1] and out-of-bounds\nwrites to device registers.\n\nBefore commit 43a3d9ba34c9 (\"i40evf: Allow PF driver to configure RSS\"),\nthe loop upper bounds were:\n i \u003c= I40E_VFQF_{HKEY,HLUT}_MAX_INDEX\nwhich is safe since the value is the last valid index.\n\nThat commit changed the bounds to:\n i \u003c= adapter-\u003erss_{key,lut}_size / 4\nwhere `rss_{key,lut}_size / 4` is the number of dwords, so the last\nvalid index is `(rss_{key,lut}_size / 4) - 1`. Therefore, using `\u003c=`\naccesses one element past the end.\n\nFix the issues by using `\u003c` instead of `\u003c=`, ensuring we do not exceed\nthe bounds.\n\n[1] KASAN splat about rss_key_size off-by-one\n BUG: KASAN: slab-out-of-bounds in iavf_config_rss+0x619/0x800\n Read of size 4 at addr ffff888102c50134 by task kworker/u8:6/63\n\n CPU: 0 UID: 0 PID: 63 Comm: kworker/u8:6 Not tainted 6.18.0-rc2-enjuk-tnguy-00378-g3005f5b77652-dirty #156 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Workqueue: iavf iavf_watchdog_task\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6f/0xb0\n print_report+0x170/0x4f3\n kasan_report+0xe1/0x1a0\n iavf_config_rss+0x619/0x800\n iavf_watchdog_task+0x2be7/0x3230\n process_one_work+0x7fd/0x1420\n worker_thread+0x4d1/0xd40\n kthread+0x344/0x660\n ret_from_fork+0x249/0x320\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 63:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7f/0x90\n __kmalloc_noprof+0x246/0x6f0\n iavf_watchdog_task+0x28fc/0x3230\n process_one_work+0x7fd/0x1420\n worker_thread+0x4d1/0xd40\n kthread+0x344/0x660\n ret_from_fork+0x249/0x320\n ret_from_fork_asm+0x1a/0x30\n\n The buggy address belongs to the object at ffff888102c50100\n which belongs to the cache kmalloc-64 of size 64\n The buggy address is located 0 bytes to the right of\n allocated 52-byte region [ffff888102c50100, ffff888102c50134)\n\n The buggy address belongs to the physical page:\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c50\n flags: 0x200000000000000(node=0|zone=2)\n page_type: f5(slab)\n raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff888102c50000: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc\n ffff888102c50080: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc\n \u003effff888102c50100: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc\n ^\n ffff888102c50180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc\n ffff888102c50200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71087",
"url": "https://www.suse.com/security/cve/CVE-2025-71087"
},
{
"category": "external",
"summary": "SUSE Bug 1256628 for CVE-2025-71087",
"url": "https://bugzilla.suse.com/1256628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71087"
},
{
"cve": "CVE-2025-71088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fallback earlier on simult connection\n\nSyzkaller reports a simult-connect race leading to inconsistent fallback\nstatus:\n\n WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n Modules linked in:\n CPU: 3 UID: 0 PID: 33 Comm: ksoftirqd/3 Not tainted syzkaller #0 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n Code: 89 ee e8 78 61 3c f6 40 84 ed 75 21 e8 8e 66 3c f6 44 89 fe bf 07 00 00 00 e8 c1 61 3c f6 41 83 ff 07 74 09 e8 76 66 3c f6 90 \u003c0f\u003e 0b 90 e8 6d 66 3c f6 48 89 df e8 e5 ad ff ff 31 ff 89 c5 89 c6\n RSP: 0018:ffffc900006cf338 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff888031acd100 RCX: ffffffff8b7f2abf\n RDX: ffff88801e6ea440 RSI: ffffffff8b7f2aca RDI: 0000000000000005\n RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000007\n R10: 0000000000000004 R11: 0000000000002c10 R12: ffff88802ba69900\n R13: 1ffff920000d9e67 R14: ffff888046f81800 R15: 0000000000000004\n FS: 0000000000000000(0000) GS:ffff8880d69bc000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000560fc0ca1670 CR3: 0000000032c3a000 CR4: 0000000000352ef0\n Call Trace:\n \u003cTASK\u003e\n tcp_data_queue+0x13b0/0x4f90 net/ipv4/tcp_input.c:5197\n tcp_rcv_state_process+0xfdf/0x4ec0 net/ipv4/tcp_input.c:6922\n tcp_v6_do_rcv+0x492/0x1740 net/ipv6/tcp_ipv6.c:1672\n tcp_v6_rcv+0x2976/0x41e0 net/ipv6/tcp_ipv6.c:1918\n ip6_protocol_deliver_rcu+0x188/0x1520 net/ipv6/ip6_input.c:438\n ip6_input_finish+0x1e4/0x4b0 net/ipv6/ip6_input.c:489\n NF_HOOK include/linux/netfilter.h:318 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ip6_input+0x105/0x2f0 net/ipv6/ip6_input.c:500\n dst_input include/net/dst.h:471 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n NF_HOOK include/linux/netfilter.h:318 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x264/0x650 net/ipv6/ip6_input.c:311\n __netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:5979\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:6092\n process_backlog+0x442/0x15e0 net/core/dev.c:6444\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7494\n napi_poll net/core/dev.c:7557 [inline]\n net_rx_action+0xa9f/0xfe0 net/core/dev.c:7684\n handle_softirqs+0x216/0x8e0 kernel/softirq.c:579\n run_ksoftirqd kernel/softirq.c:968 [inline]\n run_ksoftirqd+0x3a/0x60 kernel/softirq.c:960\n smpboot_thread_fn+0x3f7/0xae0 kernel/smpboot.c:160\n kthread+0x3c2/0x780 kernel/kthread.c:463\n ret_from_fork+0x5d7/0x6f0 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nThe TCP subflow can process the simult-connect syn-ack packet after\ntransitioning to TCP_FIN1 state, bypassing the MPTCP fallback check,\nas the sk_state_change() callback is not invoked for * -\u003e FIN_WAIT1\ntransitions.\n\nThat will move the msk socket to an inconsistent status and the next\nincoming data will hit the reported splat.\n\nClose the race moving the simult-fallback check at the earliest possible\nstage - that is at syn-ack generation time.\n\nAbout the fixes tags: [2] was supposed to also fix this issue introduced\nby [3]. [1] is required as a dependence: it was not explicitly marked as\na fix, but it is one and it has already been backported before [3]. In\nother words, this commit should be backported up to [3], including [2]\nand [1] if that\u0027s not already there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71088",
"url": "https://www.suse.com/security/cve/CVE-2025-71088"
},
{
"category": "external",
"summary": "SUSE Bug 1256630 for CVE-2025-71088",
"url": "https://bugzilla.suse.com/1256630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71088"
},
{
"cve": "CVE-2025-71089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: disable SVA when CONFIG_X86 is set\n\nPatch series \"Fix stale IOTLB entries for kernel address space\", v7.\n\nThis proposes a fix for a security vulnerability related to IOMMU Shared\nVirtual Addressing (SVA). In an SVA context, an IOMMU can cache kernel\npage table entries. When a kernel page table page is freed and\nreallocated for another purpose, the IOMMU might still hold stale,\nincorrect entries. This can be exploited to cause a use-after-free or\nwrite-after-free condition, potentially leading to privilege escalation or\ndata corruption.\n\nThis solution introduces a deferred freeing mechanism for kernel page\ntable pages, which provides a safe window to notify the IOMMU to\ninvalidate its caches before the page is reused.\n\n\nThis patch (of 8):\n\nIn the IOMMU Shared Virtual Addressing (SVA) context, the IOMMU hardware\nshares and walks the CPU\u0027s page tables. The x86 architecture maps the\nkernel\u0027s virtual address space into the upper portion of every process\u0027s\npage table. Consequently, in an SVA context, the IOMMU hardware can walk\nand cache kernel page table entries.\n\nThe Linux kernel currently lacks a notification mechanism for kernel page\ntable changes, specifically when page table pages are freed and reused. \nThe IOMMU driver is only notified of changes to user virtual address\nmappings. This can cause the IOMMU\u0027s internal caches to retain stale\nentries for kernel VA.\n\nUse-After-Free (UAF) and Write-After-Free (WAF) conditions arise when\nkernel page table pages are freed and later reallocated. The IOMMU could\nmisinterpret the new data as valid page table entries. The IOMMU might\nthen walk into attacker-controlled memory, leading to arbitrary physical\nmemory DMA access or privilege escalation. This is also a\nWrite-After-Free issue, as the IOMMU will potentially continue to write\nAccessed and Dirty bits to the freed memory while attempting to walk the\nstale page tables.\n\nCurrently, SVA contexts are unprivileged and cannot access kernel\nmappings. However, the IOMMU will still walk kernel-only page tables all\nthe way down to the leaf entries, where it realizes the mapping is for the\nkernel and errors out. This means the IOMMU still caches these\nintermediate page table entries, making the described vulnerability a real\nconcern.\n\nDisable SVA on x86 architecture until the IOMMU can receive notification\nto flush the paging cache before freeing the CPU kernel page table pages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71089",
"url": "https://www.suse.com/security/cve/CVE-2025-71089"
},
{
"category": "external",
"summary": "SUSE Bug 1256612 for CVE-2025-71089",
"url": "https://bugzilla.suse.com/1256612"
},
{
"category": "external",
"summary": "SUSE Bug 1256615 for CVE-2025-71089",
"url": "https://bugzilla.suse.com/1256615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-71089"
},
{
"cve": "CVE-2025-71091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: fix check for port enabled in team_queue_override_port_prio_changed()\n\nThere has been a syzkaller bug reported recently with the following\ntrace:\n\nlist_del corruption, ffff888058bea080-\u003eprev is LIST_POISON2 (dead000000000122)\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:59!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nCPU: 3 UID: 0 PID: 21246 Comm: syz.0.2928 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:__list_del_entry_valid_or_report+0x13e/0x200 lib/list_debug.c:59\nCode: 48 c7 c7 e0 71 f0 8b e8 30 08 ef fc 90 0f 0b 48 89 ef e8 a5 02 55 fd 48 89 ea 48 89 de 48 c7 c7 40 72 f0 8b e8 13 08 ef fc 90 \u003c0f\u003e 0b 48 89 ef e8 88 02 55 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d49f370 EFLAGS: 00010286\nRAX: 000000000000004e RBX: ffff888058bea080 RCX: ffffc9002817d000\nRDX: 0000000000000000 RSI: ffffffff819becc6 RDI: 0000000000000005\nRBP: dead000000000122 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000080000000 R11: 0000000000000001 R12: ffff888039e9c230\nR13: ffff888058bea088 R14: ffff888058bea080 R15: ffff888055461480\nFS: 00007fbbcfe6f6c0(0000) GS:ffff8880d6d0a000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000110c3afcb0 CR3: 00000000382c7000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n __list_del_entry_valid include/linux/list.h:132 [inline]\n __list_del_entry include/linux/list.h:223 [inline]\n list_del_rcu include/linux/rculist.h:178 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:826 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:821 [inline]\n team_queue_override_port_prio_changed drivers/net/team/team_core.c:883 [inline]\n team_priority_option_set+0x171/0x2f0 drivers/net/team/team_core.c:1534\n team_option_set drivers/net/team/team_core.c:376 [inline]\n team_nl_options_set_doit+0x8ae/0xe60 drivers/net/team/team_core.c:2653\n genl_family_rcv_msg_doit+0x209/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x55c/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2552\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n ____sys_sendmsg+0xa98/0xc70 net/socket.c:2630\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2684\n __sys_sendmsg+0x16d/0x220 net/socket.c:2716\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe problem is in this flow:\n1) Port is enabled, queue_id != 0, in qom_list\n2) Port gets disabled\n -\u003e team_port_disable()\n -\u003e team_queue_override_port_del()\n -\u003e del (removed from list)\n3) Port is disabled, queue_id != 0, not in any list\n4) Priority changes\n -\u003e team_queue_override_port_prio_changed()\n -\u003e checks: port disabled \u0026\u0026 queue_id != 0\n -\u003e calls del - hits the BUG as it is removed already\n\nTo fix this, change the check in team_queue_override_port_prio_changed()\nso it returns early if port is not enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71091",
"url": "https://www.suse.com/security/cve/CVE-2025-71091"
},
{
"category": "external",
"summary": "SUSE Bug 1256773 for CVE-2025-71091",
"url": "https://bugzilla.suse.com/1256773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71091"
},
{
"cve": "CVE-2025-71093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ne1000: fix OOB in e1000_tbi_should_accept()\n\nIn e1000_tbi_should_accept() we read the last byte of the frame via\n\u0027data[length - 1]\u0027 to evaluate the TBI workaround. If the descriptor-\nreported length is zero or larger than the actual RX buffer size, this\nread goes out of bounds and can hit unrelated slab objects. The issue\nis observed from the NAPI receive path (e1000_clean_rx_irq):\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in e1000_tbi_should_accept+0x610/0x790\nRead of size 1 at addr ffff888014114e54 by task sshd/363\n\nCPU: 0 PID: 363 Comm: sshd Not tainted 5.18.0-rc1 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x5a/0x74\n print_address_description+0x7b/0x440\n print_report+0x101/0x200\n kasan_report+0xc1/0xf0\n e1000_tbi_should_accept+0x610/0x790\n e1000_clean_rx_irq+0xa8c/0x1110\n e1000_clean+0xde2/0x3c10\n __napi_poll+0x98/0x380\n net_rx_action+0x491/0xa20\n __do_softirq+0x2c9/0x61d\n do_softirq+0xd1/0x120\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xfe/0x130\n ip_finish_output2+0x7d5/0xb00\n __ip_queue_xmit+0xe24/0x1ab0\n __tcp_transmit_skb+0x1bcb/0x3340\n tcp_write_xmit+0x175d/0x6bd0\n __tcp_push_pending_frames+0x7b/0x280\n tcp_sendmsg_locked+0x2e4f/0x32d0\n tcp_sendmsg+0x24/0x40\n sock_write_iter+0x322/0x430\n vfs_write+0x56c/0xa60\n ksys_write+0xd1/0x190\n do_syscall_64+0x43/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f511b476b10\nCode: 73 01 c3 48 8b 0d 88 d3 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d f9 2b 2c 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 8e 9b 01 00 48 89 04 24\nRSP: 002b:00007ffc9211d4e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 0000000000004024 RCX: 00007f511b476b10\nRDX: 0000000000004024 RSI: 0000559a9385962c RDI: 0000000000000003\nRBP: 0000559a9383a400 R08: fffffffffffffff0 R09: 0000000000004f00\nR10: 0000000000000070 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007ffc9211d57f R14: 0000559a9347bde7 R15: 0000000000000003\n \u003c/TASK\u003e\nAllocated by task 1:\n __kasan_krealloc+0x131/0x1c0\n krealloc+0x90/0xc0\n add_sysfs_param+0xcb/0x8a0\n kernel_add_sysfs_param+0x81/0xd4\n param_sysfs_builtin+0x138/0x1a6\n param_sysfs_init+0x57/0x5b\n do_one_initcall+0x104/0x250\n do_initcall_level+0x102/0x132\n do_initcalls+0x46/0x74\n kernel_init_freeable+0x28f/0x393\n kernel_init+0x14/0x1a0\n ret_from_fork+0x22/0x30\nThe buggy address belongs to the object at ffff888014114000\n which belongs to the cache kmalloc-2k of size 2048\nThe buggy address is located 1620 bytes to the right of\n 2048-byte region [ffff888014114000, ffff888014114800]\nThe buggy address belongs to the physical page:\npage:ffffea0000504400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14110\nhead:ffffea0000504400 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0x100000000010200(slab|head|node=0|zone=1)\nraw: 0100000000010200 0000000000000000 dead000000000001 ffff888013442000\nraw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n==================================================================\n\nThis happens because the TBI check unconditionally dereferences the last\nbyte without validating the reported length first:\n\n\tu8 last_byte = *(data + length - 1);\n\nFix by rejecting the frame early if the length is zero, or if it exceeds\nadapter-\u003erx_buffer_len. This preserves the TBI workaround semantics for\nvalid frames and prevents touching memory beyond the RX buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71093",
"url": "https://www.suse.com/security/cve/CVE-2025-71093"
},
{
"category": "external",
"summary": "SUSE Bug 1256777 for CVE-2025-71093",
"url": "https://bugzilla.suse.com/1256777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71093"
},
{
"cve": "CVE-2025-71094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix: validate PHY address before use\n\nThe ASIX driver reads the PHY address from the USB device via\nasix_read_phy_addr(). A malicious or faulty device can return an\ninvalid address (\u003e= PHY_MAX_ADDR), which causes a warning in\nmdiobus_get_phy():\n\n addr 207 out of range\n WARNING: drivers/net/phy/mdio_bus.c:76\n\nValidate the PHY address in asix_read_phy_addr() and remove the\nnow-redundant check in ax88172a.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71094",
"url": "https://www.suse.com/security/cve/CVE-2025-71094"
},
{
"category": "external",
"summary": "SUSE Bug 1256597 for CVE-2025-71094",
"url": "https://bugzilla.suse.com/1256597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "low"
}
],
"title": "CVE-2025-71094"
},
{
"cve": "CVE-2025-71095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix the crash issue for zero copy XDP_TX action\n\nThere is a crash issue when running zero copy XDP_TX action, the crash\nlog is shown below.\n\n[ 216.122464] Unable to handle kernel paging request at virtual address fffeffff80000000\n[ 216.187524] Internal error: Oops: 0000000096000144 [#1] SMP\n[ 216.301694] Call trace:\n[ 216.304130] dcache_clean_poc+0x20/0x38 (P)\n[ 216.308308] __dma_sync_single_for_device+0x1bc/0x1e0\n[ 216.313351] stmmac_xdp_xmit_xdpf+0x354/0x400\n[ 216.317701] __stmmac_xdp_run_prog+0x164/0x368\n[ 216.322139] stmmac_napi_poll_rxtx+0xba8/0xf00\n[ 216.326576] __napi_poll+0x40/0x218\n[ 216.408054] Kernel panic - not syncing: Oops: Fatal exception in interrupt\n\nFor XDP_TX action, the xdp_buff is converted to xdp_frame by\nxdp_convert_buff_to_frame(). The memory type of the resulting xdp_frame\ndepends on the memory type of the xdp_buff. For page pool based xdp_buff\nit produces xdp_frame with memory type MEM_TYPE_PAGE_POOL. For zero copy\nXSK pool based xdp_buff it produces xdp_frame with memory type\nMEM_TYPE_PAGE_ORDER0. However, stmmac_xdp_xmit_back() does not check the\nmemory type and always uses the page pool type, this leads to invalid\nmappings and causes the crash. Therefore, check the xdp_buff memory type\nin stmmac_xdp_xmit_back() to fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71095",
"url": "https://www.suse.com/security/cve/CVE-2025-71095"
},
{
"category": "external",
"summary": "SUSE Bug 1256605 for CVE-2025-71095",
"url": "https://bugzilla.suse.com/1256605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71095"
},
{
"cve": "CVE-2025-71096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly\n\nThe netlink response for RDMA_NL_LS_OP_IP_RESOLVE should always have a\nLS_NLA_TYPE_DGID attribute, it is invalid if it does not.\n\nUse the nl parsing logic properly and call nla_parse_deprecated() to fill\nthe nlattrs array and then directly index that array to get the data for\nthe DGID. Just fail if it is NULL.\n\nRemove the for loop searching for the nla, and squash the validation and\nparsing into one function.\n\nFixes an uninitialized read from the stack triggered by userspace if it\ndoes not provide the DGID to a kernel initiated RDMA_NL_LS_OP_IP_RESOLVE\nquery.\n\n BUG: KMSAN: uninit-value in hex_byte_pack include/linux/hex.h:13 [inline]\n BUG: KMSAN: uninit-value in ip6_string+0xef4/0x13a0 lib/vsprintf.c:1490\n hex_byte_pack include/linux/hex.h:13 [inline]\n ip6_string+0xef4/0x13a0 lib/vsprintf.c:1490\n ip6_addr_string+0x18a/0x3e0 lib/vsprintf.c:1509\n ip_addr_string+0x245/0xee0 lib/vsprintf.c:1633\n pointer+0xc09/0x1bd0 lib/vsprintf.c:2542\n vsnprintf+0xf8a/0x1bd0 lib/vsprintf.c:2930\n vprintk_store+0x3ae/0x1530 kernel/printk/printk.c:2279\n vprintk_emit+0x307/0xcd0 kernel/printk/printk.c:2426\n vprintk_default+0x3f/0x50 kernel/printk/printk.c:2465\n vprintk+0x36/0x50 kernel/printk/printk_safe.c:82\n _printk+0x17e/0x1b0 kernel/printk/printk.c:2475\n ib_nl_process_good_ip_rsep drivers/infiniband/core/addr.c:128 [inline]\n ib_nl_handle_ip_res_resp+0x963/0x9d0 drivers/infiniband/core/addr.c:141\n rdma_nl_rcv_msg drivers/infiniband/core/netlink.c:-1 [inline]\n rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]\n rdma_nl_rcv+0xefa/0x11c0 drivers/infiniband/core/netlink.c:259\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0xf04/0x12b0 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x10b3/0x1250 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x333/0x3d0 net/socket.c:729\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2617\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2671\n __sys_sendmsg+0x1aa/0x300 net/socket.c:2703\n __compat_sys_sendmsg net/compat.c:346 [inline]\n __do_compat_sys_sendmsg net/compat.c:353 [inline]\n __se_compat_sys_sendmsg net/compat.c:350 [inline]\n __ia32_compat_sys_sendmsg+0xa4/0x100 net/compat.c:350\n ia32_sys_call+0x3f6c/0x4310 arch/x86/include/generated/asm/syscalls_32.h:371\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x150 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71096",
"url": "https://www.suse.com/security/cve/CVE-2025-71096"
},
{
"category": "external",
"summary": "SUSE Bug 1256606 for CVE-2025-71096",
"url": "https://bugzilla.suse.com/1256606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71096"
},
{
"cve": "CVE-2025-71097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: Fix reference count leak when using error routes with nexthop objects\n\nWhen a nexthop object is deleted, it is marked as dead and then\nfib_table_flush() is called to flush all the routes that are using the\ndead nexthop.\n\nThe current logic in fib_table_flush() is to only flush error routes\n(e.g., blackhole) when it is called as part of network namespace\ndismantle (i.e., with flush_all=true). Therefore, error routes are not\nflushed when their nexthop object is deleted:\n\n # ip link add name dummy1 up type dummy\n # ip nexthop add id 1 dev dummy1\n # ip route add 198.51.100.1/32 nhid 1\n # ip route add blackhole 198.51.100.2/32 nhid 1\n # ip nexthop del id 1\n # ip route show\n blackhole 198.51.100.2 nhid 1 dev dummy1\n\nAs such, they keep holding a reference on the nexthop object which in\nturn holds a reference on the nexthop device, resulting in a reference\ncount leak:\n\n # ip link del dev dummy1\n [ 70.516258] unregister_netdevice: waiting for dummy1 to become free. Usage count = 2\n\nFix by flushing error routes when their nexthop is marked as dead.\n\nIPv6 does not suffer from this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71097",
"url": "https://www.suse.com/security/cve/CVE-2025-71097"
},
{
"category": "external",
"summary": "SUSE Bug 1256607 for CVE-2025-71097",
"url": "https://bugzilla.suse.com/1256607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71097"
},
{
"cve": "CVE-2025-71098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: make ip6gre_header() robust\n\nOver the years, syzbot found many ways to crash the kernel\nin ip6gre_header() [1].\n\nThis involves team or bonding drivers ability to dynamically\nchange their dev-\u003eneeded_headroom and/or dev-\u003ehard_header_len\n\nIn this particular crash mld_newpack() allocated an skb\nwith a too small reserve/headroom, and by the time mld_sendpack()\nwas called, syzbot managed to attach an ip6gre device.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff8a1d69a8 len:136 put:40 head:ffff888059bc7000 data:ffff888059bc6fe8 tail:0x70 end:0x6c0 dev:team0\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:213 !\n \u003cTASK\u003e\n skb_under_panic net/core/skbuff.c:223 [inline]\n skb_push+0xc3/0xe0 net/core/skbuff.c:2641\n ip6gre_header+0xc8/0x790 net/ipv6/ip6_gre.c:1371\n dev_hard_header include/linux/netdevice.h:3436 [inline]\n neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618\n neigh_output include/net/neighbour.h:556 [inline]\n ip6_finish_output2+0xfb3/0x1480 net/ipv6/ip6_output.c:136\n __ip6_finish_output net/ipv6/ip6_output.c:-1 [inline]\n ip6_finish_output+0x234/0x7d0 net/ipv6/ip6_output.c:220\n NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247\n NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318\n mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71098",
"url": "https://www.suse.com/security/cve/CVE-2025-71098"
},
{
"category": "external",
"summary": "SUSE Bug 1256591 for CVE-2025-71098",
"url": "https://bugzilla.suse.com/1256591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71098"
},
{
"cve": "CVE-2025-71099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl()\n\nIn xe_oa_add_config_ioctl(), we accessed oa_config-\u003eid after dropping\nmetrics_lock. Since this lock protects the lifetime of oa_config, an\nattacker could guess the id and call xe_oa_remove_config_ioctl() with\nperfect timing, freeing oa_config before we dereference it, leading to\na potential use-after-free.\n\nFix this by caching the id in a local variable while holding the lock.\n\nv2: (Matt A)\n- Dropped mutex_unlock(\u0026oa-\u003emetrics_lock) ordering change from\n xe_oa_remove_config_ioctl()\n\n(cherry picked from commit 28aeaed130e8e587fd1b73b6d66ca41ccc5a1a31)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71099",
"url": "https://www.suse.com/security/cve/CVE-2025-71099"
},
{
"category": "external",
"summary": "SUSE Bug 1256592 for CVE-2025-71099",
"url": "https://bugzilla.suse.com/1256592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71099"
},
{
"cve": "CVE-2025-71100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()\n\nTID getting from ieee80211_get_tid() might be out of range of array size\nof sta_entry-\u003etids[], so check TID is less than MAX_TID_COUNT. Othwerwise,\nUBSAN warn:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/realtek/rtlwifi/rtl8192cu/trx.c:514:30\n index 10 is out of range for type \u0027rtl_tid_data [9]\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71100",
"url": "https://www.suse.com/security/cve/CVE-2025-71100"
},
{
"category": "external",
"summary": "SUSE Bug 1256593 for CVE-2025-71100",
"url": "https://bugzilla.suse.com/1256593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71100"
},
{
"cve": "CVE-2025-71101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing\n\nThe hp_populate_*_elements_from_package() functions in the hp-bioscfg\ndriver contain out-of-bounds array access vulnerabilities.\n\nThese functions parse ACPI packages into internal data structures using\na for loop with index variable \u0027elem\u0027 that iterates through\nenum_obj/integer_obj/order_obj/password_obj/string_obj arrays.\n\nWhen processing multi-element fields like PREREQUISITES and\nENUM_POSSIBLE_VALUES, these functions read multiple consecutive array\nelements using expressions like \u0027enum_obj[elem + reqs]\u0027 and\n\u0027enum_obj[elem + pos_values]\u0027 within nested loops.\n\nThe bug is that the bounds check only validated elem, but did not consider\nthe additional offset when accessing elem + reqs or elem + pos_values.\n\nThe fix changes the bounds check to validate the actual accessed index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71101",
"url": "https://www.suse.com/security/cve/CVE-2025-71101"
},
{
"category": "external",
"summary": "SUSE Bug 1256594 for CVE-2025-71101",
"url": "https://bugzilla.suse.com/1256594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71101"
},
{
"cve": "CVE-2025-71108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Handle incorrect num_connectors capability\n\nThe UCSI spec states that the num_connectors field is 7 bits, and the\n8th bit is reserved and should be set to zero.\nSome buggy FW has been known to set this bit, and it can lead to a\nsystem not booting.\nFlag that the FW is not behaving correctly, and auto-fix the value\nso that the system boots correctly.\n\nFound on Lenovo P1 G8 during Linux enablement program. The FW will\nbe fixed, but seemed worth addressing in case it hit platforms that\naren\u0027t officially Linux supported.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71108",
"url": "https://www.suse.com/security/cve/CVE-2025-71108"
},
{
"category": "external",
"summary": "SUSE Bug 1256774 for CVE-2025-71108",
"url": "https://bugzilla.suse.com/1256774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71108"
},
{
"cve": "CVE-2025-71111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83791d) Convert macros to functions to avoid TOCTOU\n\nThe macro FAN_FROM_REG evaluates its arguments multiple times. When used\nin lockless contexts involving shared driver data, this leads to\nTime-of-Check to Time-of-Use (TOCTOU) race conditions, potentially\ncausing divide-by-zero errors.\n\nConvert the macro to a static function. This guarantees that arguments\nare evaluated only once (pass-by-value), preventing the race\nconditions.\n\nAdditionally, in store_fan_div, move the calculation of the minimum\nlimit inside the update lock. This ensures that the read-modify-write\nsequence operates on consistent data.\n\nAdhere to the principle of minimal changes by only converting macros\nthat evaluate arguments multiple times and are used in lockless\ncontexts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71111",
"url": "https://www.suse.com/security/cve/CVE-2025-71111"
},
{
"category": "external",
"summary": "SUSE Bug 1256728 for CVE-2025-71111",
"url": "https://bugzilla.suse.com/1256728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71111"
},
{
"cve": "CVE-2025-71112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: add VLAN id validation before using\n\nCurrently, the VLAN id may be used without validation when\nreceive a VLAN configuration mailbox from VF. The length of\nvlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_VID). It may cause\nout-of-bounds memory access once the VLAN id is bigger than\nor equal to VLAN_N_VID.\n\nTherefore, VLAN id needs to be checked to ensure it is within\nthe range of VLAN_N_VID.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71112",
"url": "https://www.suse.com/security/cve/CVE-2025-71112"
},
{
"category": "external",
"summary": "SUSE Bug 1256726 for CVE-2025-71112",
"url": "https://bugzilla.suse.com/1256726"
},
{
"category": "external",
"summary": "SUSE Bug 1256727 for CVE-2025-71112",
"url": "https://bugzilla.suse.com/1256727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-71112"
},
{
"cve": "CVE-2025-71114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvia_wdt: fix critical boot hang due to unnamed resource allocation\n\nThe VIA watchdog driver uses allocate_resource() to reserve a MMIO\nregion for the watchdog control register. However, the allocated\nresource was not given a name, which causes the kernel resource tree\nto contain an entry marked as \"\u003cBAD\u003e\" under /proc/iomem on x86\nplatforms.\n\nDuring boot, this unnamed resource can lead to a critical hang because\nsubsequent resource lookups and conflict checks fail to handle the\ninvalid entry properly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71114",
"url": "https://www.suse.com/security/cve/CVE-2025-71114"
},
{
"category": "external",
"summary": "SUSE Bug 1256752 for CVE-2025-71114",
"url": "https://bugzilla.suse.com/1256752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71114"
},
{
"cve": "CVE-2025-71116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: make decode_pool() more resilient against corrupted osdmaps\n\nIf the osdmap is (maliciously) corrupted such that the encoded length\nof ceph_pg_pool envelope is less than what is expected for a particular\nencoding version, out-of-bounds reads may ensue because the only bounds\ncheck that is there is based on that length value.\n\nThis patch adds explicit bounds checks for each field that is decoded\nor skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71116",
"url": "https://www.suse.com/security/cve/CVE-2025-71116"
},
{
"category": "external",
"summary": "SUSE Bug 1256744 for CVE-2025-71116",
"url": "https://bugzilla.suse.com/1256744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71116"
},
{
"cve": "CVE-2025-71118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Avoid walking the Namespace if start_node is NULL\n\nAlthough commit 0c9992315e73 (\"ACPICA: Avoid walking the ACPI Namespace\nif it is not there\") fixed the situation when both start_node and\nacpi_gbl_root_node are NULL, the Linux kernel mainline now still crashed\non Honor Magicbook 14 Pro [1].\n\nThat happens due to the access to the member of parent_node in\nacpi_ns_get_next_node(). The NULL pointer dereference will always\nhappen, no matter whether or not the start_node is equal to\nACPI_ROOT_OBJECT, so move the check of start_node being NULL\nout of the if block.\n\nUnfortunately, all the attempts to contact Honor have failed, they\nrefused to provide any technical support for Linux.\n\nThe bad DSDT table\u0027s dump could be found on GitHub [2].\n\nDMI: HONOR FMB-P/FMB-P-PCB, BIOS 1.13 05/08/2025\n\n[ rjw: Subject adjustment, changelog edits ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71118",
"url": "https://www.suse.com/security/cve/CVE-2025-71118"
},
{
"category": "external",
"summary": "SUSE Bug 1256763 for CVE-2025-71118",
"url": "https://bugzilla.suse.com/1256763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71118"
},
{
"cve": "CVE-2025-71119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/kexec: Enable SMT before waking offline CPUs\n\nIf SMT is disabled or a partial SMT state is enabled, when a new kernel\nimage is loaded for kexec, on reboot the following warning is observed:\n\nkexec: Waking offline cpu 228.\nWARNING: CPU: 0 PID: 9062 at arch/powerpc/kexec/core_64.c:223 kexec_prepare_cpus+0x1b0/0x1bc\n[snip]\n NIP kexec_prepare_cpus+0x1b0/0x1bc\n LR kexec_prepare_cpus+0x1a0/0x1bc\n Call Trace:\n kexec_prepare_cpus+0x1a0/0x1bc (unreliable)\n default_machine_kexec+0x160/0x19c\n machine_kexec+0x80/0x88\n kernel_kexec+0xd0/0x118\n __do_sys_reboot+0x210/0x2c4\n system_call_exception+0x124/0x320\n system_call_vectored_common+0x15c/0x2ec\n\nThis occurs as add_cpu() fails due to cpu_bootable() returning false for\nCPUs that fail the cpu_smt_thread_allowed() check or non primary\nthreads if SMT is disabled.\n\nFix the issue by enabling SMT and resetting the number of SMT threads to\nthe number of threads per core, before attempting to wake up all present\nCPUs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71119",
"url": "https://www.suse.com/security/cve/CVE-2025-71119"
},
{
"category": "external",
"summary": "SUSE Bug 1256730 for CVE-2025-71119",
"url": "https://bugzilla.suse.com/1256730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71119"
},
{
"cve": "CVE-2025-71120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf\n\nA zero length gss_token results in pages == 0 and in_token-\u003epages[0]\nis NULL. The code unconditionally evaluates\npage_address(in_token-\u003epages[0]) for the initial memcpy, which can\ndereference NULL even when the copy length is 0. Guard the first\nmemcpy so it only runs when length \u003e 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71120",
"url": "https://www.suse.com/security/cve/CVE-2025-71120"
},
{
"category": "external",
"summary": "SUSE Bug 1256779 for CVE-2025-71120",
"url": "https://bugzilla.suse.com/1256779"
},
{
"category": "external",
"summary": "SUSE Bug 1256780 for CVE-2025-71120",
"url": "https://bugzilla.suse.com/1256780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-71120"
},
{
"cve": "CVE-2025-71123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix string copying in parse_apply_sb_mount_options()\n\nstrscpy_pad() can\u0027t be used to copy a non-NUL-term string into a NUL-term\nstring of possibly bigger size. Commit 0efc5990bca5 (\"string.h: Introduce\nmemtostr() and memtostr_pad()\") provides additional information in that\nregard. So if this happens, the following warning is observed:\n\nstrnlen: detected buffer overflow: 65 byte read of buffer size 64\nWARNING: CPU: 0 PID: 28655 at lib/string_helpers.c:1032 __fortify_report+0x96/0xc0 lib/string_helpers.c:1032\nModules linked in:\nCPU: 0 UID: 0 PID: 28655 Comm: syz-executor.3 Not tainted 6.12.54-syzkaller-00144-g5f0270f1ba00 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:__fortify_report+0x96/0xc0 lib/string_helpers.c:1032\nCall Trace:\n \u003cTASK\u003e\n __fortify_panic+0x1f/0x30 lib/string_helpers.c:1039\n strnlen include/linux/fortify-string.h:235 [inline]\n sized_strscpy include/linux/fortify-string.h:309 [inline]\n parse_apply_sb_mount_options fs/ext4/super.c:2504 [inline]\n __ext4_fill_super fs/ext4/super.c:5261 [inline]\n ext4_fill_super+0x3c35/0xad00 fs/ext4/super.c:5706\n get_tree_bdev_flags+0x387/0x620 fs/super.c:1636\n vfs_get_tree+0x93/0x380 fs/super.c:1814\n do_new_mount fs/namespace.c:3553 [inline]\n path_mount+0x6ae/0x1f70 fs/namespace.c:3880\n do_mount fs/namespace.c:3893 [inline]\n __do_sys_mount fs/namespace.c:4103 [inline]\n __se_sys_mount fs/namespace.c:4080 [inline]\n __x64_sys_mount+0x280/0x300 fs/namespace.c:4080\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x64/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSince userspace is expected to provide s_mount_opts field to be at most 63\ncharacters long with the ending byte being NUL-term, use a 64-byte buffer\nwhich matches the size of s_mount_opts, so that strscpy_pad() does its job\nproperly. Return with error if the user still managed to provide a\nnon-NUL-term string here.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71123",
"url": "https://www.suse.com/security/cve/CVE-2025-71123"
},
{
"category": "external",
"summary": "SUSE Bug 1256757 for CVE-2025-71123",
"url": "https://bugzilla.suse.com/1256757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71123"
},
{
"cve": "CVE-2025-71130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer\n\nInitialize the eb.vma array with values of 0 when the eb structure is\nfirst set up. In particular, this sets the eb-\u003evma[i].vma pointers to\nNULL, simplifying cleanup and getting rid of the bug described below.\n\nDuring the execution of eb_lookup_vmas(), the eb-\u003evma array is\nsuccessively filled up with struct eb_vma objects. This process includes\ncalling eb_add_vma(), which might fail; however, even in the event of\nfailure, eb-\u003evma[i].vma is set for the currently processed buffer.\n\nIf eb_add_vma() fails, eb_lookup_vmas() returns with an error, which\nprompts a call to eb_release_vmas() to clean up the mess. Since\neb_lookup_vmas() might fail during processing any (possibly not first)\nbuffer, eb_release_vmas() checks whether a buffer\u0027s vma is NULL to know\nat what point did the lookup function fail.\n\nIn eb_lookup_vmas(), eb-\u003evma[i].vma is set to NULL if either the helper\nfunction eb_lookup_vma() or eb_validate_vma() fails. eb-\u003evma[i+1].vma is\nset to NULL in case i915_gem_object_userptr_submit_init() fails; the\ncurrent one needs to be cleaned up by eb_release_vmas() at this point,\nso the next one is set. If eb_add_vma() fails, neither the current nor\nthe next vma is set to NULL, which is a source of a NULL deref bug\ndescribed in the issue linked in the Closes tag.\n\nWhen entering eb_lookup_vmas(), the vma pointers are set to the slab\npoison value, instead of NULL. This doesn\u0027t matter for the actual\nlookup, since it gets overwritten anyway, however the eb_release_vmas()\nfunction only recognizes NULL as the stopping value, hence the pointers\nare being set to NULL as they go in case of intermediate failure. This\npatch changes the approach to filling them all with NULL at the start\ninstead, rather than handling that manually during failure.\n\n(cherry picked from commit 08889b706d4f0b8d2352b7ca29c2d8df4d0787cd)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71130",
"url": "https://www.suse.com/security/cve/CVE-2025-71130"
},
{
"category": "external",
"summary": "SUSE Bug 1256741 for CVE-2025-71130",
"url": "https://bugzilla.suse.com/1256741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71130"
},
{
"cve": "CVE-2025-71131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: seqiv - Do not use req-\u003eiv after crypto_aead_encrypt\n\nAs soon as crypto_aead_encrypt is called, the underlying request\nmay be freed by an asynchronous completion. Thus dereferencing\nreq-\u003eiv after it returns is invalid.\n\nInstead of checking req-\u003eiv against info, create a new variable\nunaligned_info and use it for that purpose instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71131",
"url": "https://www.suse.com/security/cve/CVE-2025-71131"
},
{
"category": "external",
"summary": "SUSE Bug 1256742 for CVE-2025-71131",
"url": "https://bugzilla.suse.com/1256742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71131"
},
{
"cve": "CVE-2025-71132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71132"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmc91x: fix broken irq-context in PREEMPT_RT\n\nWhen smc91x.c is built with PREEMPT_RT, the following splat occurs\nin FVP_RevC:\n\n[ 13.055000] smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000\n[ 13.062137] BUG: workqueue leaked atomic, lock or RCU: kworker/2:1[106]\n[ 13.062137] preempt=0x00000000 lock=0-\u003e0 RCU=0-\u003e1 workfn=mld_ifc_work\n[ 13.062266] C\n** replaying previous printk message **\n[ 13.062266] CPU: 2 UID: 0 PID: 106 Comm: kworker/2:1 Not tainted 6.18.0-dirty #179 PREEMPT_{RT,(full)}\n[ 13.062353] Hardware name: , BIOS\n[ 13.062382] Workqueue: mld mld_ifc_work\n[ 13.062469] Call trace:\n[ 13.062494] show_stack+0x24/0x40 (C)\n[ 13.062602] __dump_stack+0x28/0x48\n[ 13.062710] dump_stack_lvl+0x7c/0xb0\n[ 13.062818] dump_stack+0x18/0x34\n[ 13.062926] process_scheduled_works+0x294/0x450\n[ 13.063043] worker_thread+0x260/0x3d8\n[ 13.063124] kthread+0x1c4/0x228\n[ 13.063235] ret_from_fork+0x10/0x20\n\nThis happens because smc_special_trylock() disables IRQs even on PREEMPT_RT,\nbut smc_special_unlock() does not restore IRQs on PREEMPT_RT.\nThe reason is that smc_special_unlock() calls spin_unlock_irqrestore(),\nand rcu_read_unlock_bh() in __dev_queue_xmit() cannot invoke\nrcu_read_unlock() through __local_bh_enable_ip() when current-\u003esoftirq_disable_cnt becomes zero.\n\nTo address this issue, replace smc_special_trylock() with spin_trylock_irqsave().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71132",
"url": "https://www.suse.com/security/cve/CVE-2025-71132"
},
{
"category": "external",
"summary": "SUSE Bug 1256737 for CVE-2025-71132",
"url": "https://bugzilla.suse.com/1256737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71132"
},
{
"cve": "CVE-2025-71133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: avoid invalid read in irdma_net_event\n\nirdma_net_event() should not dereference anything from \"neigh\" (alias\n\"ptr\") until it has checked that the event is NETEVENT_NEIGH_UPDATE.\nOther events come with different structures pointed to by \"ptr\" and they\nmay be smaller than struct neighbour.\n\nMove the read of neigh-\u003edev under the NETEVENT_NEIGH_UPDATE case.\n\nThe bug is mostly harmless, but it triggers KASAN on debug kernels:\n\n BUG: KASAN: stack-out-of-bounds in irdma_net_event+0x32e/0x3b0 [irdma]\n Read of size 8 at addr ffffc900075e07f0 by task kworker/27:2/542554\n\n CPU: 27 PID: 542554 Comm: kworker/27:2 Kdump: loaded Not tainted 5.14.0-630.el9.x86_64+debug #1\n Hardware name: [...]\n Workqueue: events rt6_probe_deferred\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x60/0xb0\n print_address_description.constprop.0+0x2c/0x3f0\n print_report+0xb4/0x270\n kasan_report+0x92/0xc0\n irdma_net_event+0x32e/0x3b0 [irdma]\n notifier_call_chain+0x9e/0x180\n atomic_notifier_call_chain+0x5c/0x110\n rt6_do_redirect+0xb91/0x1080\n tcp_v6_err+0xe9b/0x13e0\n icmpv6_notify+0x2b2/0x630\n ndisc_redirect_rcv+0x328/0x530\n icmpv6_rcv+0xc16/0x1360\n ip6_protocol_deliver_rcu+0xb84/0x12e0\n ip6_input_finish+0x117/0x240\n ip6_input+0xc4/0x370\n ipv6_rcv+0x420/0x7d0\n __netif_receive_skb_one_core+0x118/0x1b0\n process_backlog+0xd1/0x5d0\n __napi_poll.constprop.0+0xa3/0x440\n net_rx_action+0x78a/0xba0\n handle_softirqs+0x2d4/0x9c0\n do_softirq+0xad/0xe0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71133",
"url": "https://www.suse.com/security/cve/CVE-2025-71133"
},
{
"category": "external",
"summary": "SUSE Bug 1256733 for CVE-2025-71133",
"url": "https://bugzilla.suse.com/1256733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71133"
},
{
"cve": "CVE-2025-71135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()\n\nThe variable mddev-\u003eprivate is first assigned to conf and then checked:\n\n conf = mddev-\u003eprivate;\n if (!conf) ...\n\nIf conf is NULL, then mddev-\u003eprivate is also NULL. In this case,\nnull-pointer dereferences can occur when calling raid5_quiesce():\n\n raid5_quiesce(mddev, true);\n raid5_quiesce(mddev, false);\n\nsince mddev-\u003eprivate is assigned to conf again in raid5_quiesce(), and conf\nis dereferenced in several places, for example:\n\n conf-\u003equiesce = 0;\n wake_up(\u0026conf-\u003ewait_for_quiescent);\n\nTo fix this issue, the function should unlock mddev and return before\ninvoking raid5_quiesce() when conf is NULL, following the existing pattern\nin raid5_change_consistency_policy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71135",
"url": "https://www.suse.com/security/cve/CVE-2025-71135"
},
{
"category": "external",
"summary": "SUSE Bug 1256761 for CVE-2025-71135",
"url": "https://bugzilla.suse.com/1256761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71135"
},
{
"cve": "CVE-2025-71136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()\n\nIt\u0027s possible for cp_read() and hdmi_read() to return -EIO. Those\nvalues are further used as indexes for accessing arrays.\n\nFix that by checking return values where it\u0027s needed.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71136",
"url": "https://www.suse.com/security/cve/CVE-2025-71136"
},
{
"category": "external",
"summary": "SUSE Bug 1256759 for CVE-2025-71136",
"url": "https://bugzilla.suse.com/1256759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71136"
},
{
"cve": "CVE-2025-71137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71137"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: fix \"UBSAN: shift-out-of-bounds error\"\n\nThis patch ensures that the RX ring size (rx_pending) is not\nset below the permitted length. This avoids UBSAN\nshift-out-of-bounds errors when users passes small or zero\nring sizes via ethtool -G.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71137",
"url": "https://www.suse.com/security/cve/CVE-2025-71137"
},
{
"category": "external",
"summary": "SUSE Bug 1256760 for CVE-2025-71137",
"url": "https://bugzilla.suse.com/1256760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71137"
},
{
"cve": "CVE-2025-71138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add missing NULL pointer check for pingpong interface\n\nIt is checked almost always in dpu_encoder_phys_wb_setup_ctl(), but in a\nsingle place the check is missing.\nAlso use convenient locals instead of phys_enc-\u003e* where available.\n\nPatchwork: https://patchwork.freedesktop.org/patch/693860/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71138",
"url": "https://www.suse.com/security/cve/CVE-2025-71138"
},
{
"category": "external",
"summary": "SUSE Bug 1256785 for CVE-2025-71138",
"url": "https://bugzilla.suse.com/1256785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71138"
},
{
"cve": "CVE-2025-71141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tilcdc: Fix removal actions in case of failed probe\n\nThe drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() helpers\nshould only be called when the device has been successfully registered.\nCurrently, these functions are called unconditionally in tilcdc_fini(),\nwhich causes warnings during probe deferral scenarios.\n\n[ 7.972317] WARNING: CPU: 0 PID: 23 at drivers/gpu/drm/drm_atomic_state_helper.c:175 drm_atomic_helper_crtc_duplicate_state+0x60/0x68\n...\n[ 8.005820] drm_atomic_helper_crtc_duplicate_state from drm_atomic_get_crtc_state+0x68/0x108\n[ 8.005858] drm_atomic_get_crtc_state from drm_atomic_helper_disable_all+0x90/0x1c8\n[ 8.005885] drm_atomic_helper_disable_all from drm_atomic_helper_shutdown+0x90/0x144\n[ 8.005911] drm_atomic_helper_shutdown from tilcdc_fini+0x68/0xf8 [tilcdc]\n[ 8.005957] tilcdc_fini [tilcdc] from tilcdc_pdev_probe+0xb0/0x6d4 [tilcdc]\n\nFix this by rewriting the failed probe cleanup path using the standard\ngoto error handling pattern, which ensures that cleanup functions are\nonly called on successfully initialized resources. Additionally, remove\nthe now-unnecessary is_registered flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71141",
"url": "https://www.suse.com/security/cve/CVE-2025-71141"
},
{
"category": "external",
"summary": "SUSE Bug 1256756 for CVE-2025-71141",
"url": "https://bugzilla.suse.com/1256756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71141"
},
{
"cve": "CVE-2025-71142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpuset: fix warning when disabling remote partition\n\nA warning was triggered as follows:\n\nWARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110\nRIP: 0010:remote_partition_disable+0xf7/0x110\nRSP: 0018:ffffc90001947d88 EFLAGS: 00000206\nRAX: 0000000000007fff RBX: ffff888103b6e000 RCX: 0000000000006f40\nRDX: 0000000000006f00 RSI: ffffc90001947da8 RDI: ffff888103b6e000\nRBP: ffff888103b6e000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: ffff88810b2e2728 R12: ffffc90001947da8\nR13: 0000000000000000 R14: ffffc90001947da8 R15: ffff8881081f1c00\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f55c8bbe0b2 CR3: 000000010b14c000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n update_prstate+0x2d3/0x580\n cpuset_partition_write+0x94/0xf0\n kernfs_fop_write_iter+0x147/0x200\n vfs_write+0x35d/0x500\n ksys_write+0x66/0xe0\n do_syscall_64+0x6b/0x390\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f55c8cd4887\n\nReproduction steps (on a 16-CPU machine):\n\n # cd /sys/fs/cgroup/\n # mkdir A1\n # echo +cpuset \u003e A1/cgroup.subtree_control\n # echo \"0-14\" \u003e A1/cpuset.cpus.exclusive\n # mkdir A1/A2\n # echo \"0-14\" \u003e A1/A2/cpuset.cpus.exclusive\n # echo \"root\" \u003e A1/A2/cpuset.cpus.partition\n # echo 0 \u003e /sys/devices/system/cpu/cpu15/online\n # echo member \u003e A1/A2/cpuset.cpus.partition\n\nWhen CPU 15 is offlined, subpartitions_cpus gets cleared because no CPUs\nremain available for the top_cpuset, forcing partitions to share CPUs with\nthe top_cpuset. In this scenario, disabling the remote partition triggers\na warning stating that effective_xcpus is not a subset of\nsubpartitions_cpus. Partitions should be invalidated in this case to\ninform users that the partition is now invalid(cpus are shared with\ntop_cpuset).\n\nTo fix this issue:\n1. Only emit the warning only if subpartitions_cpus is not empty and the\n effective_xcpus is not a subset of subpartitions_cpus.\n2. During the CPU hotplug process, invalidate partitions if\n subpartitions_cpus is empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71142",
"url": "https://www.suse.com/security/cve/CVE-2025-71142"
},
{
"category": "external",
"summary": "SUSE Bug 1256748 for CVE-2025-71142",
"url": "https://bugzilla.suse.com/1256748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71142"
},
{
"cve": "CVE-2025-71143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: exynos-clkout: Assign .num before accessing .hws\n\nCommit f316cdff8d67 (\"clk: Annotate struct clk_hw_onecell_data with\n__counted_by\") annotated the hws member of \u0027struct clk_hw_onecell_data\u0027\nwith __counted_by, which informs the bounds sanitizer (UBSAN_BOUNDS)\nabout the number of elements in .hws[], so that it can warn when .hws[]\nis accessed out of bounds. As noted in that change, the __counted_by\nmember must be initialized with the number of elements before the first\narray access happens, otherwise there will be a warning from each access\nprior to the initialization because the number of elements is zero. This\noccurs in exynos_clkout_probe() due to .num being assigned after .hws[]\nhas been accessed:\n\n UBSAN: array-index-out-of-bounds in drivers/clk/samsung/clk-exynos-clkout.c:178:18\n index 0 is out of range for type \u0027clk_hw *[*]\u0027\n\nMove the .num initialization to before the first access of .hws[],\nclearing up the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71143",
"url": "https://www.suse.com/security/cve/CVE-2025-71143"
},
{
"category": "external",
"summary": "SUSE Bug 1256749 for CVE-2025-71143",
"url": "https://bugzilla.suse.com/1256749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71143"
},
{
"cve": "CVE-2025-71145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: phy: isp1301: fix non-OF device reference imbalance\n\nA recent change fixing a device reference leak in a UDC driver\nintroduced a potential use-after-free in the non-OF case as the\nisp1301_get_client() helper only increases the reference count for the\nreturned I2C device in the OF case.\n\nIncrement the reference count also for non-OF so that the caller can\ndecrement it unconditionally.\n\nNote that this is inherently racy just as using the returned I2C device\nis since nothing is preventing the PHY driver from being unbound while\nin use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71145",
"url": "https://www.suse.com/security/cve/CVE-2025-71145"
},
{
"category": "external",
"summary": "SUSE Bug 1257155 for CVE-2025-71145",
"url": "https://bugzilla.suse.com/1257155"
},
{
"category": "external",
"summary": "SUSE Bug 1257156 for CVE-2025-71145",
"url": "https://bugzilla.suse.com/1257156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2025-71145"
},
{
"cve": "CVE-2025-71147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Fix a memory leak in tpm2_load_cmd\n\n\u0027tpm2_load_cmd\u0027 allocates a tempoary blob indirectly via \u0027tpm2_key_decode\u0027\nbut it is not freed in the failure paths. Address this by wrapping the blob\ninto with a cleanup helper.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71147",
"url": "https://www.suse.com/security/cve/CVE-2025-71147"
},
{
"category": "external",
"summary": "SUSE Bug 1257158 for CVE-2025-71147",
"url": "https://bugzilla.suse.com/1257158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71147"
},
{
"cve": "CVE-2025-71149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/poll: correctly handle io_poll_add() return value on update\n\nWhen the core of io_uring was updated to handle completions\nconsistently and with fixed return codes, the POLL_REMOVE opcode\nwith updates got slightly broken. If a POLL_ADD is pending and\nthen POLL_REMOVE is used to update the events of that request, if that\nupdate causes the POLL_ADD to now trigger, then that completion is lost\nand a CQE is never posted.\n\nAdditionally, ensure that if an update does cause an existing POLL_ADD\nto complete, that the completion value isn\u0027t always overwritten with\n-ECANCELED. For that case, whatever io_poll_add() set the value to\nshould just be retained.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71149",
"url": "https://www.suse.com/security/cve/CVE-2025-71149"
},
{
"category": "external",
"summary": "SUSE Bug 1257164 for CVE-2025-71149",
"url": "https://bugzilla.suse.com/1257164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71149"
},
{
"cve": "CVE-2025-71154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: fix memory leak on usb_submit_urb() failure\n\nIn async_set_registers(), when usb_submit_urb() fails, the allocated\n async_req structure and URB are not freed, causing a memory leak.\n\n The completion callback async_set_reg_cb() is responsible for freeing\n these allocations, but it is only called after the URB is successfully\n submitted and completes (successfully or with error). If submission\n fails, the callback never runs and the memory is leaked.\n\n Fix this by freeing both the URB and the request structure in the error\n path when usb_submit_urb() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71154",
"url": "https://www.suse.com/security/cve/CVE-2025-71154"
},
{
"category": "external",
"summary": "SUSE Bug 1257163 for CVE-2025-71154",
"url": "https://bugzilla.suse.com/1257163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71154"
},
{
"cve": "CVE-2025-71156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: defer interrupt enabling until NAPI registration\n\nCurrently, interrupts are automatically enabled immediately upon\nrequest. This allows interrupt to fire before the associated NAPI\ncontext is fully initialized and cause failures like below:\n\n[ 0.946369] Call Trace:\n[ 0.946369] \u003cIRQ\u003e\n[ 0.946369] __napi_poll+0x2a/0x1e0\n[ 0.946369] net_rx_action+0x2f9/0x3f0\n[ 0.946369] handle_softirqs+0xd6/0x2c0\n[ 0.946369] ? handle_edge_irq+0xc1/0x1b0\n[ 0.946369] __irq_exit_rcu+0xc3/0xe0\n[ 0.946369] common_interrupt+0x81/0xa0\n[ 0.946369] \u003c/IRQ\u003e\n[ 0.946369] \u003cTASK\u003e\n[ 0.946369] asm_common_interrupt+0x22/0x40\n[ 0.946369] RIP: 0010:pv_native_safe_halt+0xb/0x10\n\nUse the `IRQF_NO_AUTOEN` flag when requesting interrupts to prevent auto\nenablement and explicitly enable the interrupt in NAPI initialization\npath (and disable it during NAPI teardown).\n\nThis ensures that interrupt lifecycle is strictly coupled with\nreadiness of NAPI context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71156",
"url": "https://www.suse.com/security/cve/CVE-2025-71156"
},
{
"category": "external",
"summary": "SUSE Bug 1257167 for CVE-2025-71156",
"url": "https://bugzilla.suse.com/1257167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71156"
},
{
"cve": "CVE-2025-71157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: always drop device refcount in ib_del_sub_device_and_put()\n\nSince nldev_deldev() (introduced by commit 060c642b2ab8 (\"RDMA/nldev: Add\nsupport to add/delete a sub IB device through netlink\") grabs a reference\nusing ib_device_get_by_index() before calling ib_del_sub_device_and_put(),\nwe need to drop that reference before returning -EOPNOTSUPP error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71157",
"url": "https://www.suse.com/security/cve/CVE-2025-71157"
},
{
"category": "external",
"summary": "SUSE Bug 1257168 for CVE-2025-71157",
"url": "https://bugzilla.suse.com/1257168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71157"
},
{
"cve": "CVE-2025-71162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: tegra-adma: Fix use-after-free\n\nA use-after-free bug exists in the Tegra ADMA driver when audio streams\nare terminated, particularly during XRUN conditions. The issue occurs\nwhen the DMA buffer is freed by tegra_adma_terminate_all() before the\nvchan completion tasklet finishes accessing it.\n\nThe race condition follows this sequence:\n\n 1. DMA transfer completes, triggering an interrupt that schedules the\n completion tasklet (tasklet has not executed yet)\n 2. Audio playback stops, calling tegra_adma_terminate_all() which\n frees the DMA buffer memory via kfree()\n 3. The scheduled tasklet finally executes, calling vchan_complete()\n which attempts to access the already-freed memory\n\nSince tasklets can execute at any time after being scheduled, there is\nno guarantee that the buffer will remain valid when vchan_complete()\nruns.\n\nFix this by properly synchronizing the virtual channel completion:\n - Calling vchan_terminate_vdesc() in tegra_adma_stop() to mark the\n descriptors as terminated instead of freeing the descriptor.\n - Add the callback tegra_adma_synchronize() that calls\n vchan_synchronize() which kills any pending tasklets and frees any\n terminated descriptors.\n\nCrash logs:\n[ 337.427523] BUG: KASAN: use-after-free in vchan_complete+0x124/0x3b0\n[ 337.427544] Read of size 8 at addr ffff000132055428 by task swapper/0/0\n\n[ 337.427562] Call trace:\n[ 337.427564] dump_backtrace+0x0/0x320\n[ 337.427571] show_stack+0x20/0x30\n[ 337.427575] dump_stack_lvl+0x68/0x84\n[ 337.427584] print_address_description.constprop.0+0x74/0x2b8\n[ 337.427590] kasan_report+0x1f4/0x210\n[ 337.427598] __asan_load8+0xa0/0xd0\n[ 337.427603] vchan_complete+0x124/0x3b0\n[ 337.427609] tasklet_action_common.constprop.0+0x190/0x1d0\n[ 337.427617] tasklet_action+0x30/0x40\n[ 337.427623] __do_softirq+0x1a0/0x5c4\n[ 337.427628] irq_exit+0x110/0x140\n[ 337.427633] handle_domain_irq+0xa4/0xe0\n[ 337.427640] gic_handle_irq+0x64/0x160\n[ 337.427644] call_on_irq_stack+0x20/0x4c\n[ 337.427649] do_interrupt_handler+0x7c/0x90\n[ 337.427654] el1_interrupt+0x30/0x80\n[ 337.427659] el1h_64_irq_handler+0x18/0x30\n[ 337.427663] el1h_64_irq+0x7c/0x80\n[ 337.427667] cpuidle_enter_state+0xe4/0x540\n[ 337.427674] cpuidle_enter+0x54/0x80\n[ 337.427679] do_idle+0x2e0/0x380\n[ 337.427685] cpu_startup_entry+0x2c/0x70\n[ 337.427690] rest_init+0x114/0x130\n[ 337.427695] arch_call_rest_init+0x18/0x24\n[ 337.427702] start_kernel+0x380/0x3b4\n[ 337.427706] __primary_switched+0xc0/0xc8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71162",
"url": "https://www.suse.com/security/cve/CVE-2025-71162"
},
{
"category": "external",
"summary": "SUSE Bug 1257204 for CVE-2025-71162",
"url": "https://bugzilla.suse.com/1257204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71162"
},
{
"cve": "CVE-2025-71163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix device leaks on compat bind and unbind\n\nMake sure to drop the reference taken when looking up the idxd device as\npart of the compat bind and unbind sysfs interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71163",
"url": "https://www.suse.com/security/cve/CVE-2025-71163"
},
{
"category": "external",
"summary": "SUSE Bug 1257215 for CVE-2025-71163",
"url": "https://bugzilla.suse.com/1257215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-71163"
},
{
"cve": "CVE-2026-22976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22976"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset\n\n`qfq_class-\u003eleaf_qdisc-\u003eq.qlen \u003e 0` does not imply that the class\nitself is active.\n\nTwo qfq_class objects may point to the same leaf_qdisc. This happens\nwhen:\n\n1. one QFQ qdisc is attached to the dev as the root qdisc, and\n\n2. another QFQ qdisc is temporarily referenced (e.g., via qdisc_get()\n/ qdisc_put()) and is pending to be destroyed, as in function\ntc_new_tfilter.\n\nWhen packets are enqueued through the root QFQ qdisc, the shared\nleaf_qdisc-\u003eq.qlen increases. At the same time, the second QFQ\nqdisc triggers qdisc_put and qdisc_destroy: the qdisc enters\nqfq_reset() with its own q-\u003eq.qlen == 0, but its class\u0027s leaf\nqdisc-\u003eq.qlen \u003e 0. Therefore, the qfq_reset would wrongly deactivate\nan inactive aggregate and trigger a null-deref in qfq_deactivate_agg:\n\n[ 0.903172] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 0.903571] #PF: supervisor write access in kernel mode\n[ 0.903860] #PF: error_code(0x0002) - not-present page\n[ 0.904177] PGD 10299b067 P4D 10299b067 PUD 10299c067 PMD 0\n[ 0.904502] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 0.904737] CPU: 0 UID: 0 PID: 135 Comm: exploit Not tainted 6.19.0-rc3+ #2 NONE\n[ 0.905157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014\n[ 0.905754] RIP: 0010:qfq_deactivate_agg (include/linux/list.h:992 (discriminator 2) include/linux/list.h:1006 (discriminator 2) net/sched/sch_qfq.c:1367 (discriminator 2) net/sched/sch_qfq.c:1393 (discriminator 2))\n[ 0.906046] Code: 0f 84 4d 01 00 00 48 89 70 18 8b 4b 10 48 c7 c2 ff ff ff ff 48 8b 78 08 48 d3 e2 48 21 f2 48 2b 13 48 8b 30 48 d3 ea 8b 4b 18 0\n\nCode starting with the faulting instruction\n===========================================\n 0:\t0f 84 4d 01 00 00 \tje 0x153\n 6:\t48 89 70 18 \tmov %rsi,0x18(%rax)\n a:\t8b 4b 10 \tmov 0x10(%rbx),%ecx\n d:\t48 c7 c2 ff ff ff ff \tmov $0xffffffffffffffff,%rdx\n 14:\t48 8b 78 08 \tmov 0x8(%rax),%rdi\n 18:\t48 d3 e2 \tshl %cl,%rdx\n 1b:\t48 21 f2 \tand %rsi,%rdx\n 1e:\t48 2b 13 \tsub (%rbx),%rdx\n 21:\t48 8b 30 \tmov (%rax),%rsi\n 24:\t48 d3 ea \tshr %cl,%rdx\n 27:\t8b 4b 18 \tmov 0x18(%rbx),%ecx\n\t...\n[ 0.907095] RSP: 0018:ffffc900004a39a0 EFLAGS: 00010246\n[ 0.907368] RAX: ffff8881043a0880 RBX: ffff888102953340 RCX: 0000000000000000\n[ 0.907723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n[ 0.908100] RBP: ffff888102952180 R08: 0000000000000000 R09: 0000000000000000\n[ 0.908451] R10: ffff8881043a0000 R11: 0000000000000000 R12: ffff888102952000\n[ 0.908804] R13: ffff888102952180 R14: ffff8881043a0ad8 R15: ffff8881043a0880\n[ 0.909179] FS: 000000002a1a0380(0000) GS:ffff888196d8d000(0000) knlGS:0000000000000000\n[ 0.909572] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 0.909857] CR2: 0000000000000000 CR3: 0000000102993002 CR4: 0000000000772ef0\n[ 0.910247] PKRU: 55555554\n[ 0.910391] Call Trace:\n[ 0.910527] \u003cTASK\u003e\n[ 0.910638] qfq_reset_qdisc (net/sched/sch_qfq.c:357 net/sched/sch_qfq.c:1485)\n[ 0.910826] qdisc_reset (include/linux/skbuff.h:2195 include/linux/skbuff.h:2501 include/linux/skbuff.h:3424 include/linux/skbuff.h:3430 net/sched/sch_generic.c:1036)\n[ 0.911040] __qdisc_destroy (net/sched/sch_generic.c:1076)\n[ 0.911236] tc_new_tfilter (net/sched/cls_api.c:2447)\n[ 0.911447] rtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\n[ 0.911663] ? __pfx_rtnetlink_rcv_msg (net/core/rtnetlink.c:6861)\n[ 0.911894] netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n[ 0.912100] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\n[ 0.912296] ? __alloc_skb (net/core/skbuff.c:706)\n[ 0.912484] netlink_sendmsg (net/netlink/af\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22976",
"url": "https://www.suse.com/security/cve/CVE-2026-22976"
},
{
"category": "external",
"summary": "SUSE Bug 1257035 for CVE-2026-22976",
"url": "https://bugzilla.suse.com/1257035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22976"
},
{
"cve": "CVE-2026-22977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sock: fix hardened usercopy panic in sock_recv_errqueue\n\nskbuff_fclone_cache was created without defining a usercopy region,\n[1] unlike skbuff_head_cache which properly whitelists the cb[] field.\n[2] This causes a usercopy BUG() when CONFIG_HARDENED_USERCOPY is\nenabled and the kernel attempts to copy sk_buff.cb data to userspace\nvia sock_recv_errqueue() -\u003e put_cmsg().\n\nThe crash occurs when: 1. TCP allocates an skb using alloc_skb_fclone()\n (from skbuff_fclone_cache) [1]\n2. The skb is cloned via skb_clone() using the pre-allocated fclone\n[3] 3. The cloned skb is queued to sk_error_queue for timestamp\nreporting 4. Userspace reads the error queue via recvmsg(MSG_ERRQUEUE)\n5. sock_recv_errqueue() calls put_cmsg() to copy serr-\u003eee from skb-\u003ecb\n[4] 6. __check_heap_object() fails because skbuff_fclone_cache has no\n usercopy whitelist [5]\n\nWhen cloned skbs allocated from skbuff_fclone_cache are used in the\nsocket error queue, accessing the sock_exterr_skb structure in skb-\u003ecb\nvia put_cmsg() triggers a usercopy hardening violation:\n\n[ 5.379589] usercopy: Kernel memory exposure attempt detected from SLUB object \u0027skbuff_fclone_cache\u0027 (offset 296, size 16)!\n[ 5.382796] kernel BUG at mm/usercopy.c:102!\n[ 5.383923] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n[ 5.384903] CPU: 1 UID: 0 PID: 138 Comm: poc_put_cmsg Not tainted 6.12.57 #7\n[ 5.384903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 5.384903] RIP: 0010:usercopy_abort+0x6c/0x80\n[ 5.384903] Code: 1a 86 51 48 c7 c2 40 15 1a 86 41 52 48 c7 c7 c0 15 1a 86 48 0f 45 d6 48 c7 c6 80 15 1a 86 48 89 c1 49 0f 45 f3 e8 84 27 88 ff \u003c0f\u003e 0b 490\n[ 5.384903] RSP: 0018:ffffc900006f77a8 EFLAGS: 00010246\n[ 5.384903] RAX: 000000000000006f RBX: ffff88800f0ad2a8 RCX: 1ffffffff0f72e74\n[ 5.384903] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff87b973a0\n[ 5.384903] RBP: 0000000000000010 R08: 0000000000000000 R09: fffffbfff0f72e74\n[ 5.384903] R10: 0000000000000003 R11: 79706f6372657375 R12: 0000000000000001\n[ 5.384903] R13: ffff88800f0ad2b8 R14: ffffea00003c2b40 R15: ffffea00003c2b00\n[ 5.384903] FS: 0000000011bc4380(0000) GS:ffff8880bf100000(0000) knlGS:0000000000000000\n[ 5.384903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 5.384903] CR2: 000056aa3b8e5fe4 CR3: 000000000ea26004 CR4: 0000000000770ef0\n[ 5.384903] PKRU: 55555554\n[ 5.384903] Call Trace:\n[ 5.384903] \u003cTASK\u003e\n[ 5.384903] __check_heap_object+0x9a/0xd0\n[ 5.384903] __check_object_size+0x46c/0x690\n[ 5.384903] put_cmsg+0x129/0x5e0\n[ 5.384903] sock_recv_errqueue+0x22f/0x380\n[ 5.384903] tls_sw_recvmsg+0x7ed/0x1960\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? schedule+0x6d/0x270\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? mutex_unlock+0x81/0xd0\n[ 5.384903] ? __pfx_mutex_unlock+0x10/0x10\n[ 5.384903] ? __pfx_tls_sw_recvmsg+0x10/0x10\n[ 5.384903] ? _raw_spin_lock_irqsave+0x8f/0xf0\n[ 5.384903] ? _raw_read_unlock_irqrestore+0x20/0x40\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n\nThe crash offset 296 corresponds to skb2-\u003ecb within skbuff_fclones:\n - sizeof(struct sk_buff) = 232 - offsetof(struct sk_buff, cb) = 40 -\n offset of skb2.cb in fclones = 232 + 40 = 272 - crash offset 296 =\n 272 + 24 (inside sock_exterr_skb.ee)\n\nThis patch uses a local stack variable as a bounce buffer to avoid the hardened usercopy check failure.\n\n[1] https://elixir.bootlin.com/linux/v6.12.62/source/net/ipv4/tcp.c#L885\n[2] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5104\n[3] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5566\n[4] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5491\n[5] https://elixir.bootlin.com/linux/v6.12.62/source/mm/slub.c#L5719",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22977",
"url": "https://www.suse.com/security/cve/CVE-2026-22977"
},
{
"category": "external",
"summary": "SUSE Bug 1257053 for CVE-2026-22977",
"url": "https://bugzilla.suse.com/1257053"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22977"
},
{
"cve": "CVE-2026-22978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: avoid kernel-infoleak from struct iw_point\n\nstruct iw_point has a 32bit hole on 64bit arches.\n\nstruct iw_point {\n void __user *pointer; /* Pointer to the data (in user space) */\n __u16 length; /* number of fields or size in bytes */\n __u16 flags; /* Optional params */\n};\n\nMake sure to zero the structure to avoid disclosing 32bits of kernel data\nto user space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22978",
"url": "https://www.suse.com/security/cve/CVE-2026-22978"
},
{
"category": "external",
"summary": "SUSE Bug 1257227 for CVE-2026-22978",
"url": "https://bugzilla.suse.com/1257227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22978"
},
{
"cve": "CVE-2026-22984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in handle_auth_done()\n\nPerform an explicit bounds check on payload_len to avoid a possible\nout-of-bounds access in the callout.\n\n[ idryomov: changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22984",
"url": "https://www.suse.com/security/cve/CVE-2026-22984"
},
{
"category": "external",
"summary": "SUSE Bug 1257217 for CVE-2026-22984",
"url": "https://bugzilla.suse.com/1257217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22984"
},
{
"cve": "CVE-2026-22985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: Fix RSS LUT NULL pointer crash on early ethtool operations\n\nThe RSS LUT is not initialized until the interface comes up, causing\nthe following NULL pointer crash when ethtool operations like rxhash on/off\nare performed before the interface is brought up for the first time.\n\nMove RSS LUT initialization from ndo_open to vport creation to ensure LUT\nis always available. This enables RSS configuration via ethtool before\nbringing the interface up. Simplify LUT management by maintaining all\nchanges in the driver\u0027s soft copy and programming zeros to the indirection\ntable when rxhash is disabled. Defer HW programming until the interface\ncomes up if it is down during rxhash and LUT configuration changes.\n\nSteps to reproduce:\n** Load idpf driver; interfaces will be created\n\tmodprobe idpf\n** Before bringing the interfaces up, turn rxhash off\n\tethtool -K eth2 rxhash off\n\n[89408.371875] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[89408.371908] #PF: supervisor read access in kernel mode\n[89408.371924] #PF: error_code(0x0000) - not-present page\n[89408.371940] PGD 0 P4D 0\n[89408.371953] Oops: Oops: 0000 [#1] SMP NOPTI\n\u003csnip\u003e\n[89408.372052] RIP: 0010:memcpy_orig+0x16/0x130\n[89408.372310] Call Trace:\n[89408.372317] \u003cTASK\u003e\n[89408.372326] ? idpf_set_features+0xfc/0x180 [idpf]\n[89408.372363] __netdev_update_features+0x295/0xde0\n[89408.372384] ethnl_set_features+0x15e/0x460\n[89408.372406] genl_family_rcv_msg_doit+0x11f/0x180\n[89408.372429] genl_rcv_msg+0x1ad/0x2b0\n[89408.372446] ? __pfx_ethnl_set_features+0x10/0x10\n[89408.372465] ? __pfx_genl_rcv_msg+0x10/0x10\n[89408.372482] netlink_rcv_skb+0x58/0x100\n[89408.372502] genl_rcv+0x2c/0x50\n[89408.372516] netlink_unicast+0x289/0x3e0\n[89408.372533] netlink_sendmsg+0x215/0x440\n[89408.372551] __sys_sendto+0x234/0x240\n[89408.372571] __x64_sys_sendto+0x28/0x30\n[89408.372585] x64_sys_call+0x1909/0x1da0\n[89408.372604] do_syscall_64+0x7a/0xfa0\n[89408.373140] ? clear_bhb_loop+0x60/0xb0\n[89408.373647] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[89408.378887] \u003c/TASK\u003e\n\u003csnip\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22985",
"url": "https://www.suse.com/security/cve/CVE-2026-22985"
},
{
"category": "external",
"summary": "SUSE Bug 1257277 for CVE-2026-22985",
"url": "https://bugzilla.suse.com/1257277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22985"
},
{
"cve": "CVE-2026-22988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: do not assume dev_hard_header() does not change skb-\u003ehead\n\narp_create() is the only dev_hard_header() caller\nmaking assumption about skb-\u003ehead being unchanged.\n\nA recent commit broke this assumption.\n\nInitialize @arp pointer after dev_hard_header() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22988",
"url": "https://www.suse.com/security/cve/CVE-2026-22988"
},
{
"category": "external",
"summary": "SUSE Bug 1257282 for CVE-2026-22988",
"url": "https://bugzilla.suse.com/1257282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22988"
},
{
"cve": "CVE-2026-22990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: replace overzealous BUG_ON in osdmap_apply_incremental()\n\nIf the osdmap is (maliciously) corrupted such that the incremental\nosdmap epoch is different from what is expected, there is no need to\nBUG. Instead, just declare the incremental osdmap to be invalid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22990",
"url": "https://www.suse.com/security/cve/CVE-2026-22990"
},
{
"category": "external",
"summary": "SUSE Bug 1257221 for CVE-2026-22990",
"url": "https://bugzilla.suse.com/1257221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22990"
},
{
"cve": "CVE-2026-22991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: make free_choose_arg_map() resilient to partial allocation\n\nfree_choose_arg_map() may dereference a NULL pointer if its caller fails\nafter a partial allocation.\n\nFor example, in decode_choose_args(), if allocation of arg_map-\u003eargs\nfails, execution jumps to the fail label and free_choose_arg_map() is\ncalled. Since arg_map-\u003esize is updated to a non-zero value before memory\nallocation, free_choose_arg_map() will iterate over arg_map-\u003eargs and\ndereference a NULL pointer.\n\nTo prevent this potential NULL pointer dereference and make\nfree_choose_arg_map() more resilient, add checks for pointers before\niterating.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22991",
"url": "https://www.suse.com/security/cve/CVE-2026-22991"
},
{
"category": "external",
"summary": "SUSE Bug 1257220 for CVE-2026-22991",
"url": "https://bugzilla.suse.com/1257220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22991"
},
{
"cve": "CVE-2026-22992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: return the handler error from mon_handle_auth_done()\n\nCurrently any error from ceph_auth_handle_reply_done() is propagated\nvia finish_auth() but isn\u0027t returned from mon_handle_auth_done(). This\nresults in higher layers learning that (despite the monitor considering\nus to be successfully authenticated) something went wrong in the\nauthentication phase and reacting accordingly, but msgr2 still trying\nto proceed with establishing the session in the background. In the\ncase of secure mode this can trigger a WARN in setup_crypto() and later\nlead to a NULL pointer dereference inside of prepare_auth_signature().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22992",
"url": "https://www.suse.com/security/cve/CVE-2026-22992"
},
{
"category": "external",
"summary": "SUSE Bug 1257218 for CVE-2026-22992",
"url": "https://bugzilla.suse.com/1257218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22992"
},
{
"cve": "CVE-2026-22993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: Fix RSS LUT NULL ptr issue after soft reset\n\nDuring soft reset, the RSS LUT is freed and not restored unless the\ninterface is up. If an ethtool command that accesses the rss lut is\nattempted immediately after reset, it will result in NULL ptr\ndereference. Also, there is no need to reset the rss lut if the soft reset\ndoes not involve queue count change.\n\nAfter soft reset, set the RSS LUT to default values based on the updated\nqueue count only if the reset was a result of a queue count change and\nthe LUT was not configured by the user. In all other cases, don\u0027t touch\nthe LUT.\n\nSteps to reproduce:\n\n** Bring the interface down (if up)\nifconfig eth1 down\n\n** update the queue count (eg., 27-\u003e20)\nethtool -L eth1 combined 20\n\n** display the RSS LUT\nethtool -x eth1\n\n[82375.558338] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[82375.558373] #PF: supervisor read access in kernel mode\n[82375.558391] #PF: error_code(0x0000) - not-present page\n[82375.558408] PGD 0 P4D 0\n[82375.558421] Oops: Oops: 0000 [#1] SMP NOPTI\n\u003csnip\u003e\n[82375.558516] RIP: 0010:idpf_get_rxfh+0x108/0x150 [idpf]\n[82375.558786] Call Trace:\n[82375.558793] \u003cTASK\u003e\n[82375.558804] rss_prepare.isra.0+0x187/0x2a0\n[82375.558827] rss_prepare_data+0x3a/0x50\n[82375.558845] ethnl_default_doit+0x13d/0x3e0\n[82375.558863] genl_family_rcv_msg_doit+0x11f/0x180\n[82375.558886] genl_rcv_msg+0x1ad/0x2b0\n[82375.558902] ? __pfx_ethnl_default_doit+0x10/0x10\n[82375.558920] ? __pfx_genl_rcv_msg+0x10/0x10\n[82375.558937] netlink_rcv_skb+0x58/0x100\n[82375.558957] genl_rcv+0x2c/0x50\n[82375.558971] netlink_unicast+0x289/0x3e0\n[82375.558988] netlink_sendmsg+0x215/0x440\n[82375.559005] __sys_sendto+0x234/0x240\n[82375.559555] __x64_sys_sendto+0x28/0x30\n[82375.560068] x64_sys_call+0x1909/0x1da0\n[82375.560576] do_syscall_64+0x7a/0xfa0\n[82375.561076] ? clear_bhb_loop+0x60/0xb0\n[82375.561567] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003csnip\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22993",
"url": "https://www.suse.com/security/cve/CVE-2026-22993"
},
{
"category": "external",
"summary": "SUSE Bug 1257180 for CVE-2026-22993",
"url": "https://bugzilla.suse.com/1257180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22993"
},
{
"cve": "CVE-2026-22996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Don\u0027t store mlx5e_priv in mlx5e_dev devlink priv\n\nmlx5e_priv is an unstable structure that can be memset(0) if profile\nattaching fails, mlx5e_priv in mlx5e_dev devlink private is used to\nreference the netdev and mdev associated with that struct. Instead,\nstore netdev directly into mlx5e_dev and get mdev from the containing\nmlx5_adev aux device structure.\n\nThis fixes a kernel oops in mlx5e_remove when switchdev mode fails due\nto change profile failure.\n\n$ devlink dev eswitch set pci/0000:00:03.0 mode switchdev\nError: mlx5_core: Failed setting eswitch to offloads.\ndmesg:\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: new profile init failed, -12\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\n\n$ devlink dev reload pci/0000:00:03.0 ==\u003e oops\n\nBUG: kernel NULL pointer dereference, address: 0000000000000520\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 3 UID: 0 PID: 521 Comm: devlink Not tainted 6.18.0-rc5+ #117 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nRIP: 0010:mlx5e_remove+0x68/0x130\nRSP: 0018:ffffc900034838f0 EFLAGS: 00010246\nRAX: ffff88810283c380 RBX: ffff888101874400 RCX: ffffffff826ffc45\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffff888102d789c0 R08: ffff8881007137f0 R09: ffff888100264e10\nR10: ffffc90003483898 R11: ffffc900034838a0 R12: ffff888100d261a0\nR13: ffff888100d261a0 R14: ffff8881018749a0 R15: ffff888101874400\nFS: 00007f8565fea740(0000) GS:ffff88856a759000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000520 CR3: 000000010b11a004 CR4: 0000000000370ef0\nCall Trace:\n \u003cTASK\u003e\n device_release_driver_internal+0x19c/0x200\n bus_remove_device+0xc6/0x130\n device_del+0x160/0x3d0\n ? devl_param_driverinit_value_get+0x2d/0x90\n mlx5_detach_device+0x89/0xe0\n mlx5_unload_one_devl_locked+0x3a/0x70\n mlx5_devlink_reload_down+0xc8/0x220\n devlink_reload+0x7d/0x260\n devlink_nl_reload_doit+0x45b/0x5a0\n genl_family_rcv_msg_doit+0xe8/0x140",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22996",
"url": "https://www.suse.com/security/cve/CVE-2026-22996"
},
{
"category": "external",
"summary": "SUSE Bug 1257203 for CVE-2026-22996",
"url": "https://bugzilla.suse.com/1257203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22996"
},
{
"cve": "CVE-2026-22997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts\n\nSince j1939_session_deactivate_activate_next() in j1939_tp_rxtimer() is\ncalled only when the timer is enabled, we need to call\nj1939_session_deactivate_activate_next() if we cancelled the timer.\nOtherwise, refcount for j1939_session leaks, which will later appear as\n\n| unregister_netdevice: waiting for vcan0 to become free. Usage count = 2.\n\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22997",
"url": "https://www.suse.com/security/cve/CVE-2026-22997"
},
{
"category": "external",
"summary": "SUSE Bug 1257202 for CVE-2026-22997",
"url": "https://bugzilla.suse.com/1257202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-22997"
},
{
"cve": "CVE-2026-22999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: do not free existing class in qfq_change_class()\n\nFixes qfq_change_class() error case.\n\ncl-\u003eqdisc and cl should only be freed if a new class and qdisc\nwere allocated, or we risk various UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22999",
"url": "https://www.suse.com/security/cve/CVE-2026-22999"
},
{
"category": "external",
"summary": "SUSE Bug 1257236 for CVE-2026-22999",
"url": "https://bugzilla.suse.com/1257236"
},
{
"category": "external",
"summary": "SUSE Bug 1257238 for CVE-2026-22999",
"url": "https://bugzilla.suse.com/1257238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2026-22999"
},
{
"cve": "CVE-2026-23000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix crash on profile change rollback failure\n\nmlx5e_netdev_change_profile can fail to attach a new profile and can\nfail to rollback to old profile, in such case, we could end up with a\ndangling netdev with a fully reset netdev_priv. A retry to change\nprofile, e.g. another attempt to call mlx5e_netdev_change_profile via\nswitchdev mode change, will crash trying to access the now NULL\npriv-\u003emdev.\n\nThis fix allows mlx5e_netdev_change_profile() to handle previous\nfailures and an empty priv, by not assuming priv is valid.\n\nPass netdev and mdev to all flows requiring\nmlx5e_netdev_change_profile() and avoid passing priv.\nIn mlx5e_netdev_change_profile() check if current priv is valid, and if\nnot, just attach the new profile without trying to access the old one.\n\nThis fixes the following oops, when enabling switchdev mode for the 2nd\ntime after first time failure:\n\n ## Enabling switchdev mode first time:\n\nmlx5_core 0012:03:00.1: E-Switch: Supported tc chains and prios offload\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: new profile init failed, -12\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\n ^^^^^^^^\nmlx5_core 0000:00:03.0: E-Switch: Disable: mode(LEGACY), nvfs(0), necvfs(0), active vports(0)\n\n ## retry: Enabling switchdev mode 2nd time:\n\nmlx5_core 0000:00:03.0: E-Switch: Supported tc chains and prios offload\nBUG: kernel NULL pointer dereference, address: 0000000000000038\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 13 UID: 0 PID: 520 Comm: devlink Not tainted 6.18.0-rc4+ #91 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nRIP: 0010:mlx5e_detach_netdev+0x3c/0x90\nCode: 50 00 00 f0 80 4f 78 02 48 8b bf e8 07 00 00 48 85 ff 74 16 48 8b 73 78 48 d1 ee 83 e6 01 83 f6 01 40 0f b6 f6 e8 c4 42 00 00 \u003c48\u003e 8b 45 38 48 85 c0 74 08 48 89 df e8 cc 47 40 1e 48 8b bb f0 07\nRSP: 0018:ffffc90000673890 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff8881036a89c0 RCX: 0000000000000000\nRDX: ffff888113f63800 RSI: ffffffff822fe720 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000002dcd R09: 0000000000000000\nR10: ffffc900006738e8 R11: 00000000ffffffff R12: 0000000000000000\nR13: 0000000000000000 R14: ffff8881036a89c0 R15: 0000000000000000\nFS: 00007fdfb8384740(0000) GS:ffff88856a9d6000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000038 CR3: 0000000112ae0005 CR4: 0000000000370ef0\nCall Trace:\n \u003cTASK\u003e\n mlx5e_netdev_change_profile+0x45/0xb0\n mlx5e_vport_rep_load+0x27b/0x2d0\n mlx5_esw_offloads_rep_load+0x72/0xf0\n esw_offloads_enable+0x5d0/0x970\n mlx5_eswitch_enable_locked+0x349/0x430\n ? is_mp_supported+0x57/0xb0\n mlx5_devlink_eswitch_mode_set+0x26b/0x430\n devlink_nl_eswitch_set_doit+0x6f/0xf0\n genl_family_rcv_msg_doit+0xe8/0x140\n genl_rcv_msg+0x18b/0x290\n ? __pfx_devlink_nl_pre_doit+0x10/0x10\n ? __pfx_devlink_nl_eswitch_set_doit+0x10/0x10\n ? __pfx_devlink_nl_post_doit+0x10/0x10\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x52/0x100\n genl_rcv+0x28/0x40\n netlink_unicast+0x282/0x3e0\n ? __alloc_skb+0xd6/0x190\n netlink_sendmsg+0x1f7/0x430\n __sys_sendto+0x213/0x220\n ? __sys_recvmsg+0x6a/0xd0\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0x50/0x1f0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7fdfb8495047",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23000",
"url": "https://www.suse.com/security/cve/CVE-2026-23000"
},
{
"category": "external",
"summary": "SUSE Bug 1257234 for CVE-2026-23000",
"url": "https://bugzilla.suse.com/1257234"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-23000"
},
{
"cve": "CVE-2026-23001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: fix possible UAF in macvlan_forward_source()\n\nAdd RCU protection on (struct macvlan_source_entry)-\u003evlan.\n\nWhenever macvlan_hash_del_source() is called, we must clear\nentry-\u003evlan pointer before RCU grace period starts.\n\nThis allows macvlan_forward_source() to skip over\nentries queued for freeing.\n\nNote that macvlan_dev are already RCU protected, as they\nare embedded in a standard netdev (netdev_priv(ndev)).\n\nhttps: //lore.kernel.org/netdev/695fb1e8.050a0220.1c677c.039f.GAE@google.com/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23001",
"url": "https://www.suse.com/security/cve/CVE-2026-23001"
},
{
"category": "external",
"summary": "SUSE Bug 1257232 for CVE-2026-23001",
"url": "https://bugzilla.suse.com/1257232"
},
{
"category": "external",
"summary": "SUSE Bug 1257233 for CVE-2026-23001",
"url": "https://bugzilla.suse.com/1257233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "important"
}
],
"title": "CVE-2026-23001"
},
{
"cve": "CVE-2026-23005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1\n\nWhen loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in\nresponse to a guest WRMSR, clear XFD-disabled features in the saved (or to\nbe restored) XSTATE_BV to ensure KVM doesn\u0027t attempt to load state for\nfeatures that are disabled via the guest\u0027s XFD. Because the kernel\nexecutes XRSTOR with the guest\u0027s XFD, saving XSTATE_BV[i]=1 with XFD[i]=1\nwill cause XRSTOR to #NM and panic the kernel.\n\nE.g. if fpu_update_guest_xfd() sets XFD without clearing XSTATE_BV:\n\n ------------[ cut here ]------------\n WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#29: amx_test/848\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 29 UID: 1000 PID: 848 Comm: amx_test Not tainted 6.19.0-rc2-ffa07f7fd437-x86_amx_nm_xfd_non_init-vm #171 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:exc_device_not_available+0x101/0x110\n Call Trace:\n \u003cTASK\u003e\n asm_exc_device_not_available+0x1a/0x20\n RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90\n switch_fpu_return+0x4a/0xb0\n kvm_arch_vcpu_ioctl_run+0x1245/0x1e40 [kvm]\n kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm]\n __x64_sys_ioctl+0x8f/0xd0\n do_syscall_64+0x62/0x940\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nThis can happen if the guest executes WRMSR(MSR_IA32_XFD) to set XFD[18] = 1,\nand a host IRQ triggers kernel_fpu_begin() prior to the vmexit handler\u0027s\ncall to fpu_update_guest_xfd().\n\nand if userspace stuffs XSTATE_BV[i]=1 via KVM_SET_XSAVE:\n\n ------------[ cut here ]------------\n WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#14: amx_test/867\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 14 UID: 1000 PID: 867 Comm: amx_test Not tainted 6.19.0-rc2-2dace9faccd6-x86_amx_nm_xfd_non_init-vm #168 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:exc_device_not_available+0x101/0x110\n Call Trace:\n \u003cTASK\u003e\n asm_exc_device_not_available+0x1a/0x20\n RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90\n fpu_swap_kvm_fpstate+0x6b/0x120\n kvm_load_guest_fpu+0x30/0x80 [kvm]\n kvm_arch_vcpu_ioctl_run+0x85/0x1e40 [kvm]\n kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm]\n __x64_sys_ioctl+0x8f/0xd0\n do_syscall_64+0x62/0x940\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nThe new behavior is consistent with the AMX architecture. Per Intel\u0027s SDM,\nXSAVE saves XSTATE_BV as \u00270\u0027 for components that are disabled via XFD\n(and non-compacted XSAVE saves the initial configuration of the state\ncomponent):\n\n If XSAVE, XSAVEC, XSAVEOPT, or XSAVES is saving the state component i,\n the instruction does not generate #NM when XCR0[i] = IA32_XFD[i] = 1;\n instead, it operates as if XINUSE[i] = 0 (and the state component was\n in its initial state): it saves bit i of XSTATE_BV field of the XSAVE\n header as 0; in addition, XSAVE saves the initial configuration of the\n state component (the other instructions do not save state component i).\n\nAlternatively, KVM could always do XRSTOR with XFD=0, e.g. by using\na constant XFD based on the set of enabled features when XSAVEing for\na struct fpu_guest. However, having XSTATE_BV[i]=1 for XFD-disabled\nfeatures can only happen in the above interrupt case, or in similar\nscenarios involving preemption on preemptible kernels, because\nfpu_swap_kvm_fpstate()\u0027s call to save_fpregs_to_fpstate() saves the\noutgoing FPU state with the current XFD; and that is (on all but the\nfirst WRMSR to XFD) the guest XFD.\n\nTherefore, XFD can only go out of sync with XSTATE_BV in the above\ninterrupt case, or in similar scenarios involving preemption on\npreemptible kernels, and it we can consider it (de facto) part of KVM\nABI that KVM_GET_XSAVE returns XSTATE_BV[i]=0 for XFD-disabled features.\n\n[Move clea\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23005",
"url": "https://www.suse.com/security/cve/CVE-2026-23005"
},
{
"category": "external",
"summary": "SUSE Bug 1257245 for CVE-2026-23005",
"url": "https://bugzilla.suse.com/1257245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-23005"
},
{
"cve": "CVE-2026-23006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: tlv320adcx140: fix null pointer\n\nThe \"snd_soc_component\" in \"adcx140_priv\" was only used once but never\nset. It was only used for reaching \"dev\" which is already present in\n\"adcx140_priv\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23006",
"url": "https://www.suse.com/security/cve/CVE-2026-23006"
},
{
"category": "external",
"summary": "SUSE Bug 1257208 for CVE-2026-23006",
"url": "https://bugzilla.suse.com/1257208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-23006"
},
{
"cve": "CVE-2026-23011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_gre: make ipgre_header() robust\n\nAnalog to commit db5b4e39c4e6 (\"ip6_gre: make ip6gre_header() robust\")\n\nOver the years, syzbot found many ways to crash the kernel\nin ipgre_header() [1].\n\nThis involves team or bonding drivers ability to dynamically\nchange their dev-\u003eneeded_headroom and/or dev-\u003ehard_header_len\n\nIn this particular crash mld_newpack() allocated an skb\nwith a too small reserve/headroom, and by the time mld_sendpack()\nwas called, syzbot managed to attach an ipgre device.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff89ea3cb7 len:2030915468 put:2030915372 head:ffff888058b43000 data:ffff887fdfa6e194 tail:0x120 end:0x6c0 dev:team0\n kernel BUG at net/core/skbuff.c:213 !\nOops: invalid opcode: 0000 [#1] SMP KASAN PTI\nCPU: 1 UID: 0 PID: 1322 Comm: kworker/1:9 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: mld mld_ifc_work\n RIP: 0010:skb_panic+0x157/0x160 net/core/skbuff.c:213\nCall Trace:\n \u003cTASK\u003e\n skb_under_panic net/core/skbuff.c:223 [inline]\n skb_push+0xc3/0xe0 net/core/skbuff.c:2641\n ipgre_header+0x67/0x290 net/ipv4/ip_gre.c:897\n dev_hard_header include/linux/netdevice.h:3436 [inline]\n neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618\n NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247\n NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318\n mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23011",
"url": "https://www.suse.com/security/cve/CVE-2026-23011"
},
{
"category": "external",
"summary": "SUSE Bug 1257207 for CVE-2026-23011",
"url": "https://bugzilla.suse.com/1257207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_31-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.31.2.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.31.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.31.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-20T10:04:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-23011"
}
]
}
FKIE_CVE-2026-22984
Vulnerability from fkie_nvd - Published: 2026-01-23 16:15 - Updated: 2026-02-26 18:48
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
libceph: prevent potential out-of-bounds reads in handle_auth_done()
Perform an explicit bounds check on payload_len to avoid a possible
out-of-bounds access in the callout.
[ idryomov: changelog ]
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/194cfe2af4d2a1de599d39dad636b47c2f6c2c96 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/2802ef3380fa8c4a08cda51ec1f085b1a712e9e2 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/2d653bb63d598ae4b096dd678744bdcc34ee89e8 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/79fe3511db416d2f2edcfd93569807cb02736e5e | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/818156caffbf55cb4d368f9c3cac64e458fb49c9 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/ef208ea331ef688729f64089b895ed1b49e842e3 | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 6.19 | |
| linux | linux_kernel | 6.19 | |
| linux | linux_kernel | 6.19 | |
| linux | linux_kernel | 6.19 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82159CAA-B6BA-43C6-85D8-65BDBC175A7E",
"versionEndExcluding": "5.15.198",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E135B7E2-61FC-4DC1-8570-ABD67894FFDE",
"versionEndExcluding": "6.1.161",
"versionStartIncluding": "5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7A164B-7422-4A1C-82FB-5FCAEE53C06C",
"versionEndExcluding": "6.6.121",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F72B884C-B44F-40E4-9895-CE421AC663D0",
"versionEndExcluding": "6.12.66",
"versionStartIncluding": "6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "879529BC-5B4C-4EBE-BF1D-1A31404A8B2E",
"versionEndExcluding": "6.18.6",
"versionStartIncluding": "6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in handle_auth_done()\n\nPerform an explicit bounds check on payload_len to avoid a possible\nout-of-bounds access in the callout.\n\n[ idryomov: changelog ]"
}
],
"id": "CVE-2026-22984",
"lastModified": "2026-02-26T18:48:45.403",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-01-23T16:15:54.440",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/194cfe2af4d2a1de599d39dad636b47c2f6c2c96"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/2802ef3380fa8c4a08cda51ec1f085b1a712e9e2"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/2d653bb63d598ae4b096dd678744bdcc34ee89e8"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/79fe3511db416d2f2edcfd93569807cb02736e5e"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/818156caffbf55cb4d368f9c3cac64e458fb49c9"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/ef208ea331ef688729f64089b895ed1b49e842e3"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
MSRC_CVE-2026-22984
Vulnerability from csaf_microsoft - Published: 2026-01-02 00:00 - Updated: 2026-02-28 01:03Summary
libceph: prevent potential out-of-bounds reads in handle_auth_done()
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-22984 libceph: prevent potential out-of-bounds reads in handle_auth_done() - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-22984.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "libceph: prevent potential out-of-bounds reads in handle_auth_done()",
"tracking": {
"current_release_date": "2026-02-28T01:03:55.000Z",
"generator": {
"date": "2026-02-28T09:38:52.583Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-22984",
"initial_release_date": "2026-01-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-02-28T01:03:55.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 kernel 5.15.186.1-1",
"product": {
"name": "cbl2 kernel 5.15.186.1-1",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.186.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22984",
"notes": [
{
"category": "general",
"text": "Linux",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-22984 libceph: prevent potential out-of-bounds reads in handle_auth_done() - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-22984.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-02-28T01:03:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-1"
]
}
],
"title": "libceph: prevent potential out-of-bounds reads in handle_auth_done()"
}
]
}
WID-SEC-W-2026-0215
Vulnerability from csaf_certbund - Published: 2026-01-25 23:00 - Updated: 2026-02-16 23:00Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0215 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0215.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0215 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0215"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71145",
"url": "https://lore.kernel.org/linux-cve-announce/2026012321-CVE-2025-71145-4c0a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71146",
"url": "https://lore.kernel.org/linux-cve-announce/2026012325-CVE-2025-71146-96cf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71147",
"url": "https://lore.kernel.org/linux-cve-announce/2026012327-CVE-2025-71147-a296@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71148",
"url": "https://lore.kernel.org/linux-cve-announce/2026012327-CVE-2025-71148-78e6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71149",
"url": "https://lore.kernel.org/linux-cve-announce/2026012328-CVE-2025-71149-c9ee@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71150",
"url": "https://lore.kernel.org/linux-cve-announce/2026012328-CVE-2025-71150-1b7c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71151",
"url": "https://lore.kernel.org/linux-cve-announce/2026012328-CVE-2025-71151-1a45@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71152",
"url": "https://lore.kernel.org/linux-cve-announce/2026012302-CVE-2025-71152-055a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71153",
"url": "https://lore.kernel.org/linux-cve-announce/2026012305-CVE-2025-71153-246e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71154",
"url": "https://lore.kernel.org/linux-cve-announce/2026012305-CVE-2025-71154-bc99@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71155",
"url": "https://lore.kernel.org/linux-cve-announce/2026012306-CVE-2025-71155-7691@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71156",
"url": "https://lore.kernel.org/linux-cve-announce/2026012306-CVE-2025-71156-f8f2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71157",
"url": "https://lore.kernel.org/linux-cve-announce/2026012306-CVE-2025-71157-3a03@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71158",
"url": "https://lore.kernel.org/linux-cve-announce/2026012344-CVE-2025-71158-1cfa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71159",
"url": "https://lore.kernel.org/linux-cve-announce/2026012346-CVE-2025-71159-417a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71160",
"url": "https://lore.kernel.org/linux-cve-announce/2026012346-CVE-2025-71160-8c5d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71161",
"url": "https://lore.kernel.org/linux-cve-announce/2026012346-CVE-2025-71161-4b58@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71162",
"url": "https://lore.kernel.org/linux-cve-announce/2026012530-CVE-2025-71162-c0b7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71163",
"url": "https://lore.kernel.org/linux-cve-announce/2026012532-CVE-2025-71163-03ce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22978",
"url": "https://lore.kernel.org/linux-cve-announce/2026012347-CVE-2026-22978-4e34@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22979",
"url": "https://lore.kernel.org/linux-cve-announce/2026012347-CVE-2026-22979-b883@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22980",
"url": "https://lore.kernel.org/linux-cve-announce/2026012347-CVE-2026-22980-6031@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22981",
"url": "https://lore.kernel.org/linux-cve-announce/2026012348-CVE-2026-22981-94c5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22982",
"url": "https://lore.kernel.org/linux-cve-announce/2026012348-CVE-2026-22982-b250@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22983",
"url": "https://lore.kernel.org/linux-cve-announce/2026012348-CVE-2026-22983-db37@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22984",
"url": "https://lore.kernel.org/linux-cve-announce/2026012349-CVE-2026-22984-001c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22985",
"url": "https://lore.kernel.org/linux-cve-announce/2026012349-CVE-2026-22985-9a80@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22986",
"url": "https://lore.kernel.org/linux-cve-announce/2026012349-CVE-2026-22986-5992@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22987",
"url": "https://lore.kernel.org/linux-cve-announce/2026012350-CVE-2026-22987-8984@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22988",
"url": "https://lore.kernel.org/linux-cve-announce/2026012350-CVE-2026-22988-1ee5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22989",
"url": "https://lore.kernel.org/linux-cve-announce/2026012350-CVE-2026-22989-06be@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22990",
"url": "https://lore.kernel.org/linux-cve-announce/2026012351-CVE-2026-22990-a62e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22991",
"url": "https://lore.kernel.org/linux-cve-announce/2026012351-CVE-2026-22991-e4a2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22992",
"url": "https://lore.kernel.org/linux-cve-announce/2026012351-CVE-2026-22992-0607@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22993",
"url": "https://lore.kernel.org/linux-cve-announce/2026012352-CVE-2026-22993-2e35@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22994",
"url": "https://lore.kernel.org/linux-cve-announce/2026012352-CVE-2026-22994-ab5f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22995",
"url": "https://lore.kernel.org/linux-cve-announce/2026012352-CVE-2026-22995-7465@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22996",
"url": "https://lore.kernel.org/linux-cve-announce/2026012532-CVE-2026-22996-f977@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22997",
"url": "https://lore.kernel.org/linux-cve-announce/2026012533-CVE-2026-22997-42ca@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22998",
"url": "https://lore.kernel.org/linux-cve-announce/2026012533-CVE-2026-22998-8392@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-22999",
"url": "https://lore.kernel.org/linux-cve-announce/2026012533-CVE-2026-22999-c098@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23000",
"url": "https://lore.kernel.org/linux-cve-announce/2026012534-CVE-2026-23000-36e1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23001",
"url": "https://lore.kernel.org/linux-cve-announce/2026012534-CVE-2026-23001-7ab0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23002",
"url": "https://lore.kernel.org/linux-cve-announce/2026012534-CVE-2026-23002-ffa4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23003",
"url": "https://lore.kernel.org/linux-cve-announce/2026012535-CVE-2026-23003-e684@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23004",
"url": "https://lore.kernel.org/linux-cve-announce/2026012535-CVE-2026-23004-205e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23005",
"url": "https://lore.kernel.org/linux-cve-announce/2026012536-CVE-2026-23005-df15@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23006",
"url": "https://lore.kernel.org/linux-cve-announce/2026012536-CVE-2026-23006-241b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23007",
"url": "https://lore.kernel.org/linux-cve-announce/2026012536-CVE-2026-23007-38b1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23008",
"url": "https://lore.kernel.org/linux-cve-announce/2026012537-CVE-2026-23008-d435@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23009",
"url": "https://lore.kernel.org/linux-cve-announce/2026012537-CVE-2026-23009-7209@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23010",
"url": "https://lore.kernel.org/linux-cve-announce/2026012537-CVE-2026-23010-91ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23011",
"url": "https://lore.kernel.org/linux-cve-announce/2026012538-CVE-2026-23011-d4fd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23012",
"url": "https://lore.kernel.org/linux-cve-announce/2026012538-CVE-2026-23012-8a3d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23013",
"url": "https://lore.kernel.org/linux-cve-announce/2026012538-CVE-2026-23013-303c@gregkh/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2264 vom 2026-02-09",
"url": "https://access.redhat.com/errata/RHSA-2026:2264"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6126 vom 2026-02-09",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00035.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6127 vom 2026-02-10",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00036.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2378 vom 2026-02-10",
"url": "https://access.redhat.com/errata/RHSA-2026:2378"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-2264 vom 2026-02-10",
"url": "https://linux.oracle.com/errata/ELSA-2026-2264.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4475 vom 2026-02-11",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00016.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0447-1 vom 2026-02-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024124.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4476 vom 2026-02-11",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00017.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8034-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8034-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0475-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024139.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0473-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024136.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0474-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024140.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0471-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024142.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0472-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024141.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0496-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024158.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0495-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024159.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:2264 vom 2026-02-15",
"url": "https://errata.build.resf.org/RLSA-2026:2264"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2721 vom 2026-02-16",
"url": "https://access.redhat.com/errata/RHSA-2026:2721"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2722 vom 2026-02-16",
"url": "https://access.redhat.com/errata/RHSA-2026:2722"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-2721 vom 2026-02-17",
"url": "https://linux.oracle.com/errata/ELSA-2026-2721.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-16T23:00:00.000+00:00",
"generator": {
"date": "2026-02-17T09:05:23.905+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0215",
"initial_release_date": "2026-01-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-4616, EUVD-2026-4617, EUVD-2026-4623, EUVD-2026-4626, EUVD-2026-4619, EUVD-2026-4625, EUVD-2026-4628"
},
{
"date": "2026-02-08T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian und Red Hat aufgenommen"
},
{
"date": "2026-02-10T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Debian und SUSE aufgenommen"
},
{
"date": "2026-02-12T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-15T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-02-16T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T050304",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-71145",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71145"
},
{
"cve": "CVE-2025-71146",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71146"
},
{
"cve": "CVE-2025-71147",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71147"
},
{
"cve": "CVE-2025-71148",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71148"
},
{
"cve": "CVE-2025-71149",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71149"
},
{
"cve": "CVE-2025-71150",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71150"
},
{
"cve": "CVE-2025-71151",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71151"
},
{
"cve": "CVE-2025-71152",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71152"
},
{
"cve": "CVE-2025-71153",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71153"
},
{
"cve": "CVE-2025-71154",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71154"
},
{
"cve": "CVE-2025-71155",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71155"
},
{
"cve": "CVE-2025-71156",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71156"
},
{
"cve": "CVE-2025-71157",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71157"
},
{
"cve": "CVE-2025-71158",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71158"
},
{
"cve": "CVE-2025-71159",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71159"
},
{
"cve": "CVE-2025-71160",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71160"
},
{
"cve": "CVE-2025-71161",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71161"
},
{
"cve": "CVE-2025-71162",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71162"
},
{
"cve": "CVE-2025-71163",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2025-71163"
},
{
"cve": "CVE-2026-22978",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22978"
},
{
"cve": "CVE-2026-22979",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22979"
},
{
"cve": "CVE-2026-22980",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22980"
},
{
"cve": "CVE-2026-22981",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22981"
},
{
"cve": "CVE-2026-22982",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22982"
},
{
"cve": "CVE-2026-22983",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22983"
},
{
"cve": "CVE-2026-22984",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22984"
},
{
"cve": "CVE-2026-22985",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22985"
},
{
"cve": "CVE-2026-22986",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22986"
},
{
"cve": "CVE-2026-22987",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22987"
},
{
"cve": "CVE-2026-22988",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22988"
},
{
"cve": "CVE-2026-22989",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22989"
},
{
"cve": "CVE-2026-22990",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22990"
},
{
"cve": "CVE-2026-22991",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22991"
},
{
"cve": "CVE-2026-22992",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22992"
},
{
"cve": "CVE-2026-22993",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22993"
},
{
"cve": "CVE-2026-22994",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22994"
},
{
"cve": "CVE-2026-22995",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22995"
},
{
"cve": "CVE-2026-22996",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22996"
},
{
"cve": "CVE-2026-22997",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22997"
},
{
"cve": "CVE-2026-22998",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22998"
},
{
"cve": "CVE-2026-22999",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-22999"
},
{
"cve": "CVE-2026-23000",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23000"
},
{
"cve": "CVE-2026-23001",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23001"
},
{
"cve": "CVE-2026-23002",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23002"
},
{
"cve": "CVE-2026-23003",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23003"
},
{
"cve": "CVE-2026-23004",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23004"
},
{
"cve": "CVE-2026-23005",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23005"
},
{
"cve": "CVE-2026-23006",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23006"
},
{
"cve": "CVE-2026-23007",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23007"
},
{
"cve": "CVE-2026-23008",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23008"
},
{
"cve": "CVE-2026-23009",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23009"
},
{
"cve": "CVE-2026-23010",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23010"
},
{
"cve": "CVE-2026-23011",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23011"
},
{
"cve": "CVE-2026-23012",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23012"
},
{
"cve": "CVE-2026-23013",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T050304",
"T000126",
"T004914",
"T032255"
]
},
"release_date": "2026-01-25T23:00:00.000+00:00",
"title": "CVE-2026-23013"
}
]
}
GHSA-5RPF-HQPR-28R8
Vulnerability from github – Published: 2026-01-23 18:31 – Updated: 2026-02-26 21:31
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
libceph: prevent potential out-of-bounds reads in handle_auth_done()
Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout.
[ idryomov: changelog ]
Severity ?
7.1 (High)
{
"affected": [],
"aliases": [
"CVE-2026-22984"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-23T16:15:54Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in handle_auth_done()\n\nPerform an explicit bounds check on payload_len to avoid a possible\nout-of-bounds access in the callout.\n\n[ idryomov: changelog ]",
"id": "GHSA-5rpf-hqpr-28r8",
"modified": "2026-02-26T21:31:27Z",
"published": "2026-01-23T18:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22984"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/194cfe2af4d2a1de599d39dad636b47c2f6c2c96"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2802ef3380fa8c4a08cda51ec1f085b1a712e9e2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2d653bb63d598ae4b096dd678744bdcc34ee89e8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/79fe3511db416d2f2edcfd93569807cb02736e5e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/818156caffbf55cb4d368f9c3cac64e458fb49c9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ef208ea331ef688729f64089b895ed1b49e842e3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…