SUSE update for the Linux Kernel



Risk Low
Patch available YES
Number of vulnerabilities 62
CVE-ID CVE-2017-5753
CVE-2021-4454
CVE-2022-1016
CVE-2022-49053
CVE-2022-49293
CVE-2022-49465
CVE-2022-49650
CVE-2022-49739
CVE-2022-49746
CVE-2022-49748
CVE-2022-49751
CVE-2022-49753
CVE-2022-49755
CVE-2022-49759
CVE-2023-0179
CVE-2023-1652
CVE-2023-2162
CVE-2023-3567
CVE-2023-52930
CVE-2023-52933
CVE-2023-52935
CVE-2023-52939
CVE-2023-52941
CVE-2023-52973
CVE-2023-52974
CVE-2023-52975
CVE-2023-52976
CVE-2023-52979
CVE-2023-52983
CVE-2023-52984
CVE-2023-52988
CVE-2023-52989
CVE-2023-52992
CVE-2023-52993
CVE-2023-53000
CVE-2023-53005
CVE-2023-53006
CVE-2023-53007
CVE-2023-53008
CVE-2023-53010
CVE-2023-53015
CVE-2023-53016
CVE-2023-53019
CVE-2023-53023
CVE-2023-53024
CVE-2023-53025
CVE-2023-53026
CVE-2023-53028
CVE-2023-53029
CVE-2023-53030
CVE-2023-53033
CVE-2024-50290
CVE-2024-53063
CVE-2024-53064
CVE-2024-56651
CVE-2024-58083
CVE-2025-21693
CVE-2025-21714
CVE-2025-21732
CVE-2025-21753
CVE-2025-21772
CVE-2025-21839
CWE-ID CWE-200
CWE-399
CWE-416
CWE-401
CWE-191
CWE-20
CWE-190
CWE-667
CWE-476
CWE-125
CWE-119
CWE-835
Exploitation vector Local
Public exploit Vulnerability #1 is being exploited in the wild.
Public exploit code for vulnerability #15 is available.
Vulnerable software
 SUSE Linux Enterprise Server 15 SP4
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing ESPOS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-apple
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-amazon
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP4_Update_39-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_161-default
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 62 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU9884

Risk: Low

CVSSv4.0: 6.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2017-5753

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: Yes

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can perform a bounds check bypass, execute arbitrary code, conduct a side-channel attack and read sensitive memory information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

2) Resource management error

EUVDB-ID: #VU106217

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-4454

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the j1939_session_deactivate() function in net/can/j1939/transport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU62028

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1016

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in net/netfilter/nf_tables_core.c:nft_do_chain in Linux kernel.. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU104481

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49053

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcmu_try_get_data_page() and tcmu_vma_fault() functions in drivers/target/target_core_user.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU104242

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49293

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nft_do_chain() function in net/netfilter/nf_tables_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU104419

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49465

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the block/blk-throttle.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Integer underflow

EUVDB-ID: #VU104794

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49650

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the bam_alloc_chan(), bam_free_chan(), bam_pause(), bam_resume(), bam_dma_irq(), bam_start_dma(), bam_dma_probe(), bam_dma_suspend() and bam_dma_resume() functions in drivers/dma/qcom/bam_dma.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Input validation error

EUVDB-ID: #VU106234

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49739

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the gfs2_dinode_in() function in fs/gfs2/glops.c, within the gfs2_unstuffer_page() function in fs/gfs2/bmap.c, within the stuffed_readpage() function in fs/gfs2/aops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Memory leak

EUVDB-ID: #VU106157

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49746

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sdma_transfer_init() function in drivers/dma/imx-sdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Integer overflow

EUVDB-ID: #VU106208

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49748

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the amd_core_pmu_init() function in arch/x86/events/amd/core.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper locking

EUVDB-ID: #VU106198

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49751

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the w1_process() function in drivers/w1/w1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU106178

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49753

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dma_chan_get() function in drivers/dma/dmaengine.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free

EUVDB-ID: #VU106177

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49755

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __ffs_ep0_queue_wait() and functionfs_unbind() functions in drivers/usb/gadget/function/f_fs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Improper locking

EUVDB-ID: #VU106199

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49759

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the vmci_check_host_caps(), vmci_dispatch_dgs(), vmci_interrupt(), vmci_interrupt_bm(), vmci_guest_probe_device(), free_irq() and vmci_guest_remove_device() functions in drivers/misc/vmw_vmci/vmci_guest.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Integer overflow

EUVDB-ID: #VU71173

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-0179

CWE-ID: CWE-190 - Integer overflow

Exploit availability: Yes

Description

The vulnerability allows a local  user to escalate privileges on the system.

The vulnerability exists due to an integer overflow within the nft_payload_copy_vlan() function in Linux kernel Netfilter. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

16) Use-after-free

EUVDB-ID: #VU74770

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1652

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nfsd4_ssc_setup_dul() function in fs/nfsd/nfs4proc.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU75994

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2162

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU79491

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3567

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vc_screen() function in vcs_read in drivers/tty/vt/vc_screen.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory leak

EUVDB-ID: #VU106153

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52930

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the i915_gem_object_set_tiling() function in drivers/gpu/drm/i915/gem/i915_gem_tiling.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Input validation error

EUVDB-ID: #VU106206

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52933

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the squashfs_xattr_lookup() function in fs/squashfs/xattr_id.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU106174

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52935

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the retract_page_tables() function in mm/khugepaged.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) NULL pointer dereference

EUVDB-ID: #VU106188

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52939

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the include/linux/memcontrol.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Resource management error

EUVDB-ID: #VU106223

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52941

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the isotp_rcv_echo(), isotp_tx_timer_handler(), isotp_release() and isotp_init() functions in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU106173

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52973

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vcs_read() function in drivers/tty/vt/vc_screen.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU106172

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52974

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsi_sw_tcp_host_get_param() and iscsi_sw_tcp_session_create() functions in drivers/scsi/iscsi_tcp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free

EUVDB-ID: #VU106171

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52975

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() and iscsi_session_teardown() functions in drivers/scsi/libiscsi.c, within the iscsi_sw_tcp_session_destroy() function in drivers/scsi/iscsi_tcp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) NULL pointer dereference

EUVDB-ID: #VU106189

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52976

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the efi_mem_reserve_persistent() function in drivers/firmware/efi/efi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds read

EUVDB-ID: #VU106180

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52979

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the squashfs_read_xattr_id_table() function in fs/squashfs/xattr_id.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use-after-free

EUVDB-ID: #VU106159

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52983

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bfq_check_ioprio_change() function in block/bfq-iosched.c, within the __bfq_bic_change_cgroup() function in block/bfq-cgroup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU106190

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52984

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dp83822_config_intr() function in drivers/net/phy/dp83822.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Out-of-bounds read

EUVDB-ID: #VU106182

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52988

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the add_secret_dac_path() function in sound/pci/hda/patch_via.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Memory leak

EUVDB-ID: #VU106134

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52989

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ioctl_send_response() function in drivers/firewire/core-cdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

EUVDB-ID: #VU106222

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52992

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the bpf_send_signal_common() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) NULL pointer dereference

EUVDB-ID: #VU106192

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52993

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the init_ISA_irqs() function in arch/x86/kernel/irqinit.c, within the make_8259A_irq() function in arch/x86/kernel/i8259.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Memory leak

EUVDB-ID: #VU106144

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53000

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the validate_nla() and __nla_validate_parse() functions in lib/nlattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) NULL pointer dereference

EUVDB-ID: #VU106194

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53005

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the create_hist_field() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Input validation error

EUVDB-ID: #VU106233

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53006

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the smbd_destroy() function in fs/cifs/smbdirect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Resource management error

EUVDB-ID: #VU106225

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53007

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the init_events() function in kernel/trace/trace_output.c, within the early_trace_init() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Memory leak

EUVDB-ID: #VU106140

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53008

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the SMB2_auth_kerberos() function in fs/cifs/smb2pdu.c, within the decode_ntlmssp_challenge() and sess_auth_kerberos() functions in fs/cifs/sess.c, within the build_avpair_blob() function in fs/cifs/cifsencrypt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Buffer overflow

EUVDB-ID: #VU106214

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53010

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the bnxt_ethtool_init() function in drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) NULL pointer dereference

EUVDB-ID: #VU106196

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53015

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Use-after-free

EUVDB-ID: #VU106164

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53016

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rfcomm_sock_connect() function in net/bluetooth/rfcomm/sock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Out-of-bounds read

EUVDB-ID: #VU106184

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53019

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the EXPORT_SYMBOL() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU106162

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53023

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the local_cleanup() function in net/nfc/llcp_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Memory leak

EUVDB-ID: #VU106136

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53024

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_stack_write_fixed_off() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Use-after-free

EUVDB-ID: #VU106161

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53025

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fs/nfsd/nfs4proc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Integer overflow

EUVDB-ID: #VU106211

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53026

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the EXPORT_SYMBOL() function in drivers/infiniband/core/verbs.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Memory leak

EUVDB-ID: #VU106135

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53028

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ieee80211_if_add() function in net/mac80211/iface.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Use-after-free

EUVDB-ID: #VU106160

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53029

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the otx2_pool_refill_task(), otx2_sq_aura_pool_init() and otx2_rq_aura_pool_init() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Resource management error

EUVDB-ID: #VU106219

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53030

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the otx2_sq_aura_pool_init() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Buffer overflow

EUVDB-ID: #VU106221

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53033

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the nft_payload_copy_vlan() function in net/netfilter/nft_payload.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Integer underflow

EUVDB-ID: #VU100637

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50290

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the cx24116_read_snr_pct() function in drivers/media/dvb-frontends/cx24116.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Resource management error

EUVDB-ID: #VU100741

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53063

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the DECLARE_RWSEM() and dvb_register_device() functions in drivers/media/dvb-core/dvbdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) NULL pointer dereference

EUVDB-ID: #VU100714

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53064

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the idpf_init_hard_reset() function in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Use-after-free

EUVDB-ID: #VU102030

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56651

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hi3110_can_ist() function in drivers/net/can/spi/hi311x.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Use-after-free

EUVDB-ID: #VU105391

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-58083

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the include/linux/kvm_host.h. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Use-after-free

EUVDB-ID: #VU103741

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21693

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the zswap_pool_create(), zswap_cpu_comp_prepare(), zswap_cpu_comp_dead(), zswap_compress() and zswap_decompress() functions in mm/zswap.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Use-after-free

EUVDB-ID: #VU104965

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21714

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the destroy_unused_implicit_child_mr() and implicit_get_child_mr() functions in drivers/infiniband/hw/mlx5/odp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Use-after-free

EUVDB-ID: #VU104955

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21732

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlx5_ib_invalidate_range() function in drivers/infiniband/hw/mlx5/odp.c, within the mlx5_revoke_mr() function in drivers/infiniband/hw/mlx5/mr.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Use-after-free

EUVDB-ID: #VU104944

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21753

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fs/btrfs/transaction.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Out-of-bounds read

EUVDB-ID: #VU104980

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21772

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mac_partition() function in block/partitions/mac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Infinite loop

EUVDB-ID: #VU105468

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21839

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the vcpu_enter_guest() function in arch/x86/kvm/x86.c, within the vmx_sync_dirty_debug_regs() and vmx_vcpu_run() functions in arch/x86/kvm/vmx/vmx.c, within the new_asid() and svm_vcpu_run() functions in arch/x86/kvm/svm/svm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4: LTSS

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: All versions

dtb-allwinner: All versions

dlm-kmp-64kb-debuginfo: All versions

gfs2-kmp-64kb: All versions

dtb-marvell: All versions

dtb-rockchip: All versions

dtb-amlogic: All versions

dtb-sprd: All versions

ocfs2-kmp-64kb-debuginfo: All versions

dtb-renesas: All versions

kernel-64kb-optional: All versions

ocfs2-kmp-64kb: All versions

dtb-exynos: All versions

dtb-nvidia: All versions

dtb-broadcom: All versions

dtb-xilinx: All versions

reiserfs-kmp-64kb-debuginfo: All versions

dtb-socionext: All versions

dtb-lg: All versions

dtb-amd: All versions

dtb-hisilicon: All versions

dtb-qcom: All versions

dtb-apple: All versions

kernel-64kb-extra: All versions

dtb-apm: All versions

dtb-mediatek: All versions

gfs2-kmp-64kb-debuginfo: All versions

dlm-kmp-64kb: All versions

cluster-md-kmp-64kb-debuginfo: All versions

kernel-64kb-optional-debuginfo: All versions

kernel-64kb-debuginfo: All versions

cluster-md-kmp-64kb: All versions

dtb-amazon: All versions

kselftests-kmp-64kb-debuginfo: All versions

dtb-arm: All versions

kernel-64kb-devel-debuginfo: All versions

dtb-freescale: All versions

kernel-64kb-extra-debuginfo: All versions

dtb-altera: All versions

kernel-64kb-devel: All versions

kselftests-kmp-64kb: All versions

reiserfs-kmp-64kb: All versions

kernel-64kb-debugsource: All versions

dtb-cavium: All versions

dtb-aarch64: All versions

kernel-zfcpdump-debugsource: All versions

kernel-zfcpdump-debuginfo: All versions

kernel-zfcpdump: All versions

kernel-kvmsmall: All versions

kernel-livepatch-SLE15-SP4_Update_39-debugsource: All versions

kernel-livepatch-5_14_21-150400_24_161-default: All versions

kernel-default-livepatch-devel: All versions

kernel-livepatch-5_14_21-150400_24_161-default-debuginfo: All versions

kernel-default: All versions

gfs2-kmp-default: All versions

ocfs2-kmp-default: All versions

dlm-kmp-default: All versions

dlm-kmp-default-debuginfo: All versions

gfs2-kmp-default-debuginfo: All versions

kernel-default-optional-debuginfo: All versions

cluster-md-kmp-default-debuginfo: All versions

reiserfs-kmp-default-debuginfo: All versions

kernel-default-livepatch: All versions

kernel-default-extra: All versions

kernel-default-devel-debuginfo: All versions

kernel-obs-qa: All versions

kernel-obs-build: All versions

kernel-syms: All versions

kselftests-kmp-default-debuginfo: All versions

kernel-obs-build-debugsource: All versions

ocfs2-kmp-default-debuginfo: All versions

kernel-default-devel: All versions

kernel-default-optional: All versions

kernel-default-debugsource: All versions

cluster-md-kmp-default: All versions

kselftests-kmp-default: All versions

reiserfs-kmp-default: All versions

kernel-default-debuginfo: All versions

kernel-default-extra-debuginfo: All versions

kernel-kvmsmall-devel-debuginfo: All versions

kernel-default-base-rebuild: All versions

kernel-default-base: All versions

kernel-kvmsmall-debugsource: All versions

kernel-kvmsmall-devel: All versions

kernel-kvmsmall-debuginfo: All versions

kernel-debug-devel-debuginfo: All versions

kernel-debug-devel: All versions

kernel-debug-debuginfo: All versions

kernel-debug-debugsource: All versions

kernel-debug: All versions

kernel-docs-html: All versions

kernel-source-vanilla: All versions

kernel-source: All versions

kernel-devel: All versions

kernel-macros: All versions

kernel-docs: All versions

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###