SUSE update for the Linux Kernel



Risk: Low
Patch available: YES
Number of vulnerabilities: 235
CVE-ID: CVE-2019-11135
CVE-2024-36028
CVE-2024-36348
CVE-2024-36349
CVE-2024-36350
CVE-2024-36357
CVE-2024-44963
CVE-2024-56742
CVE-2024-57947
CVE-2025-21839
CVE-2025-21872
CVE-2025-23163
CVE-2025-37798
CVE-2025-37856
CVE-2025-37864
CVE-2025-37885
CVE-2025-37920
CVE-2025-37984
CVE-2025-38034
CVE-2025-38035
CVE-2025-38051
CVE-2025-38052
CVE-2025-38058
CVE-2025-38061
CVE-2025-38062
CVE-2025-38063
CVE-2025-38064
CVE-2025-38074
CVE-2025-38084
CVE-2025-38085
CVE-2025-38087
CVE-2025-38088
CVE-2025-38089
CVE-2025-38090
CVE-2025-38094
CVE-2025-38095
CVE-2025-38097
CVE-2025-38098
CVE-2025-38099
CVE-2025-38100
CVE-2025-38102
CVE-2025-38105
CVE-2025-38107
CVE-2025-38108
CVE-2025-38109
CVE-2025-38110
CVE-2025-38111
CVE-2025-38112
CVE-2025-38113
CVE-2025-38115
CVE-2025-38117
CVE-2025-38118
CVE-2025-38120
CVE-2025-38122
CVE-2025-38123
CVE-2025-38124
CVE-2025-38126
CVE-2025-38127
CVE-2025-38129
CVE-2025-38131
CVE-2025-38132
CVE-2025-38135
CVE-2025-38136
CVE-2025-38138
CVE-2025-38142
CVE-2025-38143
CVE-2025-38145
CVE-2025-38147
CVE-2025-38148
CVE-2025-38149
CVE-2025-38151
CVE-2025-38153
CVE-2025-38154
CVE-2025-38155
CVE-2025-38157
CVE-2025-38158
CVE-2025-38159
CVE-2025-38161
CVE-2025-38162
CVE-2025-38165
CVE-2025-38166
CVE-2025-38173
CVE-2025-38174
CVE-2025-38177
CVE-2025-38180
CVE-2025-38181
CVE-2025-38182
CVE-2025-38183
CVE-2025-38187
CVE-2025-38188
CVE-2025-38192
CVE-2025-38193
CVE-2025-38194
CVE-2025-38197
CVE-2025-38198
CVE-2025-38200
CVE-2025-38202
CVE-2025-38203
CVE-2025-38204
CVE-2025-38206
CVE-2025-38210
CVE-2025-38211
CVE-2025-38212
CVE-2025-38213
CVE-2025-38214
CVE-2025-38215
CVE-2025-38217
CVE-2025-38220
CVE-2025-38222
CVE-2025-38225
CVE-2025-38226
CVE-2025-38227
CVE-2025-38229
CVE-2025-38231
CVE-2025-38236
CVE-2025-38239
CVE-2025-38244
CVE-2025-38246
CVE-2025-38248
CVE-2025-38249
CVE-2025-38250
CVE-2025-38257
CVE-2025-38259
CVE-2025-38264
CVE-2025-38272
CVE-2025-38273
CVE-2025-38275
CVE-2025-38277
CVE-2025-38279
CVE-2025-38283
CVE-2025-38286
CVE-2025-38289
CVE-2025-38290
CVE-2025-38292
CVE-2025-38293
CVE-2025-38300
CVE-2025-38303
CVE-2025-38304
CVE-2025-38305
CVE-2025-38307
CVE-2025-38310
CVE-2025-38312
CVE-2025-38313
CVE-2025-38319
CVE-2025-38323
CVE-2025-38326
CVE-2025-38328
CVE-2025-38332
CVE-2025-38334
CVE-2025-38335
CVE-2025-38336
CVE-2025-38337
CVE-2025-38338
CVE-2025-38342
CVE-2025-38343
CVE-2025-38344
CVE-2025-38345
CVE-2025-38348
CVE-2025-38349
CVE-2025-38350
CVE-2025-38352
CVE-2025-38354
CVE-2025-38362
CVE-2025-38363
CVE-2025-38364
CVE-2025-38365
CVE-2025-38369
CVE-2025-38371
CVE-2025-38373
CVE-2025-38375
CVE-2025-38376
CVE-2025-38377
CVE-2025-38380
CVE-2025-38382
CVE-2025-38384
CVE-2025-38385
CVE-2025-38386
CVE-2025-38387
CVE-2025-38389
CVE-2025-38391
CVE-2025-38392
CVE-2025-38393
CVE-2025-38395
CVE-2025-38396
CVE-2025-38399
CVE-2025-38400
CVE-2025-38401
CVE-2025-38403
CVE-2025-38404
CVE-2025-38406
CVE-2025-38409
CVE-2025-38410
CVE-2025-38412
CVE-2025-38414
CVE-2025-38415
CVE-2025-38416
CVE-2025-38420
CVE-2025-38424
CVE-2025-38425
CVE-2025-38426
CVE-2025-38428
CVE-2025-38429
CVE-2025-38430
CVE-2025-38436
CVE-2025-38443
CVE-2025-38448
CVE-2025-38449
CVE-2025-38455
CVE-2025-38457
CVE-2025-38460
CVE-2025-38461
CVE-2025-38462
CVE-2025-38463
CVE-2025-38465
CVE-2025-38467
CVE-2025-38468
CVE-2025-38470
CVE-2025-38471
CVE-2025-38473
CVE-2025-38474
CVE-2025-38476
CVE-2025-38477
CVE-2025-38478
CVE-2025-38480
CVE-2025-38481
CVE-2025-38482
CVE-2025-38483
CVE-2025-38485
CVE-2025-38487
CVE-2025-38489
CVE-2025-38494
CVE-2025-38495
CVE-2025-38496
CVE-2025-38497
CVE-2025-38498
CWE-ID: CWE-399
CWE-667
CWE-1342
CWE-401
CWE-835
CWE-20
CWE-191
CWE-416
CWE-190
CWE-476
CWE-682
CWE-125
CWE-119
CWE-415
CWE-787
CWE-388
CWE-908
CWE-362
CWE-269
Exploitation vector: Local
Public exploit: Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #33 is available.
Vulnerability #161 is being exploited in the wild.
Vulnerable software

Operating systems & Components / Operating system:

SUSE Real Time Module
SUSE Linux Enterprise Live Patching
SUSE Linux Enterprise Real Time 15
openSUSE Leap
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server 15

Operating systems & Components / Operating system package or component:

kernel-livepatch-6_4_0-150600_10_49-rt
kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource
kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo
kernel-rt_debug
kernel-rt
kernel-devel-rt
kernel-source-rt
kernel-rt_debug-debuginfo
reiserfs-kmp-rt
kernel-rt-optional-debuginfo
kernel-rt_debug-devel-debuginfo
kernel-rt_debug-vdso-debuginfo
kselftests-kmp-rt
dlm-kmp-rt-debuginfo
cluster-md-kmp-rt
ocfs2-kmp-rt-debuginfo
kernel-rt_debug-devel
kernel-rt-extra
cluster-md-kmp-rt-debuginfo
kernel-rt-extra-debuginfo
kselftests-kmp-rt-debuginfo
kernel-rt-devel
kernel-rt-debuginfo
ocfs2-kmp-rt
kernel-rt_debug-vdso
kernel-rt-devel-debuginfo
kernel-rt_debug-debugsource
kernel-rt-livepatch-devel
kernel-rt-vdso-debuginfo
gfs2-kmp-rt
gfs2-kmp-rt-debuginfo
kernel-rt-debugsource
dlm-kmp-rt
kernel-rt-optional
reiserfs-kmp-rt-debuginfo
kernel-syms-rt
kernel-rt-vdso

Vendor: SUSE

Security Bulletin

This security bulletin contains information about 235 vulnerabilities.

1) Resource management error

EUVDB-ID: #VU22704

Risk: Low

CVSSv4.0: 4.7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2019-11135

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the TSX Asynchronous Abort (TAA) in Intel CPUs. The TAA condition, on some microprocessors utilizing speculative execution, may allow an authenticated user to potentially enable information disclosure via a side channel.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

2) Improper locking

EUVDB-ID: #VU91503

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36028

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __update_and_free_page() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information exposure through microarchitectural state after transient execution

EUVDB-ID: #VU112556

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36348

CWE-ID: CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an information leak. A local user process can speculatively infer the control registers even if the UMIP[3] feature is enabled, potentially resulting in information leakage.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information exposure through microarchitectural state after transient execution

EUVDB-ID: #VU112557

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36349

CWE-ID: CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an information leak. A local user process can infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information exposure through microarchitectural state after transient execution

EUVDB-ID: #VU112549

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36350

CWE-ID: CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an information leak. A local user can obtain sensitive data from previous stores.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information exposure through microarchitectural state after transient execution

EUVDB-ID: #VU112552

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36357

CWE-ID: CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an information leak. A local user can obtain sensitive data from the L1D cache.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Memory leak

EUVDB-ID: #VU96830

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44963

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the btrfs_quota_disable() function in fs/btrfs/qgroup.c, within the create_subvol() function in fs/btrfs/ioctl.c, within the btrfs_delete_free_space_tree() function in fs/btrfs/free-space-tree.c, within the btrfs_free_tree_block(), clear_bit() and walk_up_proc() functions in fs/btrfs/extent-tree.c, and within the btrfs_force_cow_block(), balance_level(), insert_new_root() and btrfs_del_leaf() functions in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory leak

EUVDB-ID: #VU101983

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56742

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the mlx5vf_add_migration_pages() function in drivers/vfio/pci/mlx5/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Memory leak

EUVDB-ID: #VU103269

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57947

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the nft_pipapo_avx2_lookup_slow() function in net/netfilter/nft_set_pipapo_avx2.c and within the nft_pipapo_lookup() and pipapo_get() functions in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Infinite loop

EUVDB-ID: #VU105468

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21839

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the vcpu_enter_guest() function in arch/x86/kvm/x86.c, within the vmx_sync_dirty_debug_regs() and vmx_vcpu_run() functions in arch/x86/kvm/vmx/vmx.c, and within the new_asid() and svm_vcpu_run() functions in arch/x86/kvm/svm/svm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Infinite loop

EUVDB-ID: #VU106128

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21872

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the efi_mokvar_table_init() function in drivers/firmware/efi/mokvar-table.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Resource management error

EUVDB-ID: #VU108381

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-23163

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the vlan_dev_open(), vlan_dev_stop() and vlan_dev_change_rx_flags() functions in net/8021q/vlan_dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Input validation error

EUVDB-ID: #VU108390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37798

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the qdisc_bstats_update() function in net/sched/sch_fq_codel.c and within the codel_qdisc_dequeue() function in net/sched/sch_codel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Integer underflow

EUVDB-ID: #VU108885

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37856

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow within the btrfs_put_transaction() and btrfs_cleanup_pending_block_groups() functions in fs/btrfs/transaction.c and within the btrfs_finish_extent_commit() function in fs/btrfs/extent-tree.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Memory leak

EUVDB-ID: #VU108854

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37864

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the dsa_switch_parse() function in net/dsa/dsa.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Use-after-free

EUVDB-ID: #VU108860

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37885

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vmx_pi_update_irte() function in arch/x86/kvm/vmx/posted_intr.c and within the avic_pi_update_irte() function in arch/x86/kvm/svm/avic.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Improper locking

EUVDB-ID: #VU109537

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37920

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the xp_create_and_assign_umem() function in net/xdp/xsk_buff_pool.c and within the xsk_generic_rcv() and xsk_create() functions in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Integer overflow

EUVDB-ID: #VU109553

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37984

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer overflow within the ecdsa_x962_verify() function in crypto/ecdsa-x962.c, the ecdsa_p1363_verify() function in crypto/ecdsa-p1363.c, and the EXPORT_SYMBOL() function in crypto/ecc.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) NULL pointer dereference

EUVDB-ID: #VU111557

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38034

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within include/trace/events/btrfs.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) NULL pointer dereference

EUVDB-ID: #VU111555

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38035

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nvmet_tcp_restore_socket_callbacks() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU111466

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38051

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the find_cifs_entry() function in fs/cifs/readdir.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU111465

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38052

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tipc_aead_encrypt() and tipc_aead_encrypt_done() functions in net/tipc/crypto.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Incorrect calculation

EUVDB-ID: #VU111678

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38058

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within the __legitimize_mnt() function in fs/namespace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Out-of-bounds read

EUVDB-ID: #VU111490

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38061

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the pktgen_thread_write() function in net/core/pktgen.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU111464

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38062

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iommu_dma_prepare_msi() function in drivers/iommu/dma-iommu.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Improper locking

EUVDB-ID: #VU111600

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38063

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __send_empty_flush() function in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Resource management error

EUVDB-ID: #VU111673

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38064

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the virtio_irq_get_affinity() and __register_virtio_driver() functions in drivers/virtio/virtio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use-after-free

EUVDB-ID: #VU111536

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38074

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vhost_scsi_complete_cmd_work() and vhost_scsi_tmf_resp_work() functions in drivers/vhost/scsi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Improper locking

EUVDB-ID: #VU112119

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38084

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __split_vma() function in mm/vma.c and within the hugetlb_vma_lock_free(), hugetlb_vm_op_split(), move_hugetlb_state() and hugetlb_unshare_pmds() functions in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Buffer overflow

EUVDB-ID: #VU112121

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38085

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the huge_pmd_unshare() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Use-after-free

EUVDB-ID: #VU112115

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38087

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the taprio_dev_notifier() function in net/sched/sch_taprio.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds read

EUVDB-ID: #VU112116

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38088

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the memtrace_read() function in arch/powerpc/platforms/powernv/memtrace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) NULL pointer dereference

EUVDB-ID: #VU112118

Risk: Low

CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2025-38089

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: Yes

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the svc_process_common() function in net/sunrpc/svc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

34) Buffer overflow

EUVDB-ID: #VU112123

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38090

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the riocm_ch_send() function in drivers/rapidio/rio_cm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Improper locking

EUVDB-ID: #VU112240

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38094

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the macb_update_stats() function in drivers/net/ethernet/cadence/macb_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) NULL pointer dereference

EUVDB-ID: #VU112221

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38095

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dma_resv_add_fence() function in drivers/dma-buf/dma-resv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Memory leak

EUVDB-ID: #VU112169

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38097

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the __xfrm_state_delete() function in net/xfrm/xfrm_state.c, within the esp_ssg_unref(), esp6_find_tcp_sk(), esp_output_tcp_finish() and esp6_output_tcp_encap() functions in net/ipv6/esp6.c, and within the esp_ssg_unref(), esp_find_tcp_sk(), esp_output_tcp_finish() and esp_output_tcp_encap() functions in net/ipv4/esp4.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Input validation error

EUVDB-ID: #VU112270

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38098

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the pre_validate_dsc() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c, and within the create_validate_stream_for_sink(), amdgpu_dm_connector_mode_valid() and dm_update_crtc_state() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Improper locking

EUVDB-ID: #VU112223

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38099

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hci_cc_read_buffer_size() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Memory leak

EUVDB-ID: #VU112172

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38100

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the copy_thread() and native_tss_update_io_bitmap() functions in arch/x86/kernel/process.c, and within the io_bitmap_share(), io_bitmap_exit() and SYSCALL_DEFINE1() functions in arch/x86/kernel/ioport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Double free

EUVDB-ID: #VU112243

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38102

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the drv_cp_harray_to_user() and vmci_host_setup_notify() functions in drivers/misc/vmw_vmci/vmci_host.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Input validation error

EUVDB-ID: #VU112269

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38105

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the snd_usbmidi_free() and snd_usbmidi_disconnect() functions in sound/usb/midi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Integer underflow

EUVDB-ID: #VU112249

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38107

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow within the ets_qdisc_change() function in net/sched/sch_ets.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Improper locking

EUVDB-ID: #VU112225

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38108

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __red_change() function in net/sched/sch_red.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Use-after-free

EUVDB-ID: #VU112180

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38109

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlx5_eswitch_enable_pf_vf_vports() and mlx5_eswitch_disable_pf_vf_vports() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Out-of-bounds write

EUVDB-ID: #VU112259

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38110

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds write within the __mdiobus_c45_read() and __mdiobus_c45_write() functions in drivers/net/phy/mdio_bus.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Out-of-bounds read

EUVDB-ID: #VU112195

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38111

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __mdiobus_read() and __mdiobus_write() functions in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) NULL pointer dereference

EUVDB-ID: #VU112220

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38112

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within include/net/sock.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) NULL pointer dereference

EUVDB-ID: #VU112219

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38113

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the cppc_allow_fast_switch() function in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Input validation error

EUVDB-ID: #VU112263

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38115

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within net/sched/sch_sfq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Improper locking

EUVDB-ID: #VU112228

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38117

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mgmt_cmd_complete(), mgmt_pending_new(), mgmt_pending_add() and mgmt_pending_free() functions in net/bluetooth/mgmt_util.c, within the settings_rsp(), cmd_complete_rsp(), mgmt_set_discoverable_complete(), mgmt_set_connectable_complete(), set_ssp_complete(), set_le_complete(), set_mesh_complete(), mgmt_class_complete(), pairing_complete(), mgmt_add_adv_patterns_monitor_complete(), mgmt_remove_adv_monitor_complete(), start_discovery_complete(), stop_discovery_complete(), set_advertising_complete(), set_bredr_complete(), set_secure_conn_complete(), get_conn_info_complete(), get_clock_info_complete(), add_advertising_complete(), add_ext_adv_params_complete(), add_ext_adv_data_complete(), remove_advertising_complete(), mgmt_index_removed(), mgmt_power_on(), __mgmt_power_off(), unpair_device_rsp(), mgmt_disconnect_failed(), mgmt_auth_enable_complete() and mgmt_set_class_of_dev_complete() functions in net/bluetooth/mgmt.c, and within the hci_alloc_dev_priv() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Use-after-free

EUVDB-ID: #VU112183

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38118

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mgmt_adv_monitor_added(), __add_adv_patterns_monitor(), mgmt_remove_adv_monitor_complete() and remove_adv_monitor() functions in net/bluetooth/mgmt.c, and within the hci_free_adv_monitor() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Memory leak

EUVDB-ID: #VU112173

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38120

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the nft_pipapo_avx2_estimate() and nft_pipapo_avx2_lookup() functions in net/netfilter/nft_set_pipapo_avx2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) NULL pointer dereference

EUVDB-ID: #VU112217

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38122

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the gve_tx_add_skb_dqo() function in drivers/net/ethernet/google/gve/gve_tx_dqo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) NULL pointer dereference

EUVDB-ID: #VU112216

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38123

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the t7xx_ccmni_wwan_newlink(), t7xx_ccmni_wwan_dellink(), t7xx_ccmni_recv_skb(), t7xx_ccmni_queue_tx_irq_notify() and t7xx_ccmni_queue_state_notify() functions in drivers/net/wwan/t7xx/t7xx_netdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Improper locking

EUVDB-ID: #VU112230

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38124

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __udp_gso_segment() function in net/ipv4/udp_offload.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Improper error handling

EUVDB-ID: #VU112244

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38126

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the stmmac_ptp_register() function in drivers/net/ethernet/stmicro/stmmac/stmmac_ptp.c and the stmmac_init_tstamp_counter() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Improper locking

EUVDB-ID: #VU112232

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38127

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_map_xdp_rings(), ice_prepare_xdp_rings(), mutex_unlock(), ice_destroy_xdp_rings() and ice_xdp_setup_prog() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Use-after-free

EUVDB-ID: #VU112184

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38129

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the page_pool_ethtool_stats_get(), page_pool_return_page() and page_pool_scrub() functions in net/core/page_pool.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Use-after-free

EUVDB-ID: #VU112185

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38131

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL(), _cscfg_activate_config(), _cscfg_deactivate_config(), cscfg_csdev_enable_active_config() and cscfg_csdev_disable_active_config() functions in drivers/hwtracing/coresight/coresight-syscfg.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Improper locking

EUVDB-ID: #VU112233

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38132

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cscfg_remove_owned_csdev_configs() function in drivers/hwtracing/coresight/coresight-syscfg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU112212

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38135

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mlb_usio_probe() function in drivers/tty/serial/milbeaut_usio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Use of uninitialized resource

EUVDB-ID: #VU112248

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38136

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the usbhs_probe() and usbhs_fifo_remove() functions in drivers/usb/renesas_usbhs/common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) NULL pointer dereference

EUVDB-ID: #VU112201

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38138

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the udma_probe() function in drivers/dma/ti/k3-udma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Input validation error

EUVDB-ID: #VU112267

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38142

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the asus_ec_hwmon_read_string() function in drivers/hwmon/asus-ec-sensors.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) NULL pointer dereference

EUVDB-ID: #VU112211

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38143

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the wled_configure() function in drivers/video/backlight/qcom-wled.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) NULL pointer dereference

EUVDB-ID: #VU112209

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38145

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the aspeed_lpc_enable_snoop() function in drivers/soc/aspeed/aspeed-lpc-snoop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Memory leak

EUVDB-ID: #VU112175

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38147

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the netlbl_conn_setattr() function in net/netlabel/netlabel_kapi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Memory leak

EUVDB-ID: #VU112176

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38148

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the vsc85xx_txtstamp() function in drivers/net/phy/mscc/mscc_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) NULL pointer dereference

EUVDB-ID: #VU112208

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38149

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the phy_detach() function in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Improper locking

EUVDB-ID: #VU112235

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38151

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cma_netevent_callback() function in drivers/infiniband/core/cma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Improper error handling

EUVDB-ID: #VU112245

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38153

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the aqc111_read_cmd_nopm() and aqc111_read_cmd() functions in drivers/net/usb/aqc111.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Improper locking

EUVDB-ID: #VU112237

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38154

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sk_psock_backlog() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) NULL pointer dereference

EUVDB-ID: #VU112207

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38155

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mt7915_mmio_wed_init() function in drivers/net/wireless/mediatek/mt76/mt7915/mmio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Out-of-bounds read

EUVDB-ID: #VU112198

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38157

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ath9k_htc_swba() function in drivers/net/wireless/ath/ath9k/htc_drv_beacon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Input validation error

EUVDB-ID: #VU112266

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38158

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the vf_qm_func_stop(), vf_qm_check_match(), vf_qm_get_match_data() and vf_qm_read_data() functions in drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Out-of-bounds read

EUVDB-ID: #VU112199

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38159

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rtw_coex_tdma_timer_base() function in drivers/net/wireless/realtek/rtw88/coex.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Use-after-free

EUVDB-ID: #VU112191

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38161

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlx5_get_rsc(), create_resource_common() and mlx5_core_destroy_rq_tracked() functions in drivers/infiniband/hw/mlx5/qpc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Buffer overflow

EUVDB-ID: #VU112250

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38162

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the lt_calculate_size(), pipapo_resize(), pipapo_lt_bits_adjust() and pipapo_clone() functions in net/netfilter/nft_set_pipapo.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Improper locking

EUVDB-ID: #VU112238

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38165

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sk_psock_skb_ingress_enqueue(), sk_psock_skb_ingress(), sk_psock_skb_ingress_self() and sk_psock_verdict_apply() functions in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Improper locking

EUVDB-ID: #VU112239

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38166

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Input validation error

EUVDB-ID: #VU112264

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38173

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mv_cesa_skcipher_queue_req() function in drivers/crypto/marvell/cipher.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Race condition

EUVDB-ID: #VU112258

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38174

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tb_cfg_request_dequeue() function in drivers/thunderbolt/ctl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Input validation error

EUVDB-ID: #VU112334

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38177

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the eltree_insert() and hfsc_qlen_notify() functions in net/sched/sch_hfsc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Use-after-free

EUVDB-ID: #VU112282

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38180

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lec_itf_walk(), lec_seq_start() and lec_seq_stop() functions in net/atm/lec.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Improper error handling

EUVDB-ID: #VU112316

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38181

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the calipso_req_setattr() and calipso_req_delattr() functions in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Input validation error

EUVDB-ID: #VU112314

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38182

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ublk_ctrl_add_dev() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Out-of-bounds read

EUVDB-ID: #VU112290

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38183

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error in drivers/net/ethernet/microchip/lan743x_ptp.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Use-after-free

EUVDB-ID: #VU112283

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38187

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the r535_gsp_rpc_push() function in drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Memory leak

EUVDB-ID: #VU112278

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38188

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the a6xx_set_pagetable() function in drivers/gpu/drm/msm/adreno/a6xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) NULL pointer dereference

EUVDB-ID: #VU112307

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38192

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the bpf_skb_change_protocol(), bpf_skb_proto_4_to_6(), bpf_skb_proto_6_to_4(), bpf_skb_net_grow() and bpf_skb_net_shrink() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Race condition

EUVDB-ID: #VU112324

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38193

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the sfq_change() function in net/sched/sch_sfq.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Input validation error

EUVDB-ID: #VU112332

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38194

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the jffs2_sum_write_sumnode() function in fs/jffs2/summary.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) NULL pointer dereference

EUVDB-ID: #VU112306

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38197

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the packet_read_list() and packet_empty_list() functions in drivers/platform/x86/dell/dell_rbu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) NULL pointer dereference

EUVDB-ID: #VU112305

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38198

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the fbcon_info_from_console() function in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Integer underflow

EUVDB-ID: #VU112322

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38200

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow within the i40e_pf_reset() function in drivers/net/ethernet/intel/i40e/i40e_common.c. A local user can execute arbitrary code.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Resource management error

EUVDB-ID: #VU112328

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38202

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the BPF_CALL_3() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) NULL pointer dereference

EUVDB-ID: #VU112297

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38203

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the jfs_ioc_trim() function in fs/jfs/jfs_discard.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Out-of-bounds read

EUVDB-ID: #VU112291

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38204

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dtInitRoot() and add_missing_indices() functions in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Double free

EUVDB-ID: #VU112315

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38206

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the exfat_free_upcase_table() function in fs/exfat/nls.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) NULL pointer dereference

EUVDB-ID: #VU112303

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38210

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the DECLARE_RWSEM(), tsm_report_privlevel_store(), tsm_report_privlevel_floor_show(), CONFIGFS_ATTR_RO(), tsm_report_read(), tsm_report_make_item(), tsm_register() and tsm_unregister() functions in drivers/virt/coco/tsm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Use-after-free

EUVDB-ID: #VU112285

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38211

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL(), destroy_cm_id() and cm_work_handler() functions in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Use-after-free

EUVDB-ID: #VU112286

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38212

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the shm_try_destroy_orphaned() function in ipc/shm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Out-of-bounds read

EUVDB-ID: #VU112292

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38213

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vgacon_scroll() function in drivers/video/console/vgacon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Improper error handling

EUVDB-ID: #VU112318

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38214

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the fb_set_var() function in drivers/video/fbdev/core/fbmem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) NULL pointer dereference

EUVDB-ID: #VU112302

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38215

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the fb_check_foreignness() and do_register_framebuffer() functions in drivers/video/fbdev/core/fbmem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Improper locking

EUVDB-ID: #VU112312

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38217

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the fts_read() function in drivers/hwmon/ftsteutates.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) NULL pointer dereference

EUVDB-ID: #VU112301

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38220

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ext4_walk_page_buffers() function in fs/ext4/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Improper error handling

EUVDB-ID: #VU112319

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38222

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ext4_prepare_inline_data() function in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) NULL pointer dereference

EUVDB-ID: #VU112300

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38225

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dev_err() function in drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Out-of-bounds read

EUVDB-ID: #VU112295

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38226

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vivid_vid_cap_s_selection() function in drivers/media/test-drivers/vivid/vivid-vid-cap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Use-after-free

EUVDB-ID: #VU112288

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38227

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vidtv_psi_sdt_table_destroy() function in drivers/media/test-drivers/vidtv/vidtv_channel.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Use of uninitialized resource

EUVDB-ID: #VU112321

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38229

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the cxusb_gpio_tuner() function in drivers/media/usb/dvb-usb/cxusb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) NULL pointer dereference

EUVDB-ID: #VU112299

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38231

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nfsd_startup_net() function in fs/nfsd/nfssvc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) Use-after-free

EUVDB-ID: #VU112753

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38236

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the IS_ENABLED() and unix_stream_recv_urg() functions in net/unix/af_unix.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Out-of-bounds read

EUVDB-ID: #VU112759

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38239

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the megasas_set_high_iops_queue_affinity_and_hint() function in drivers/scsi/megaraid/megaraid_sas_base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Improper locking

EUVDB-ID: #VU112802

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38244

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smb2_query_server_interfaces() and cifs_signal_cifsd_for_reconnect() functions in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Improper error handling

EUVDB-ID: #VU112817

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38246

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the __bnxt_poll_work() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) Use-after-free

EUVDB-ID: #VU112750

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38248

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the br_multicast_port_ctx_init() function in net/bridge/br_multicast.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Out-of-bounds read

EUVDB-ID: #VU112760

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38249

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_usb_get_audioformat_uac3() function in sound/usb/stream.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Use-after-free

EUVDB-ID: #VU112751

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38250

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the DEFINE_IDA(), hci_dev_get(), hci_dev_do_reset(), hci_dev_reset(), hci_alloc_dev_priv() and hci_unregister_dev() functions in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Buffer overflow

EUVDB-ID: #VU112823

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38257

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the _copy_apqns_from_user() function in drivers/s390/crypto/pkey_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Memory leak

EUVDB-ID: #VU112741

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38259

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the WCD9335_SLIM_TX_CH() and wcd9335_parse_dt() functions in sound/soc/codecs/wcd9335.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Infinite loop

EUVDB-ID: #VU112824

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38264

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the nvme_tcp_fetch_request(), nvme_tcp_init_request(), nvme_tcp_handle_r2t() and nvme_tcp_submit_async_event() functions in drivers/nvme/host/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Resource management error

EUVDB-ID: #VU112832

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38272

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the b53_eee_init() and b53_support_eee() functions in drivers/net/dsa/b53/b53_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Use-after-free

EUVDB-ID: #VU112746

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38273

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tipc_aead_encrypt() function in net/tipc/crypto.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) NULL pointer dereference

EUVDB-ID: #VU112763

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38275

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the qmp_usb_iomap() function in drivers/phy/qualcomm/phy-qcom-qmp-usb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) Input validation error

EUVDB-ID: #VU112808

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38277

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mxic_ecc_finish_io_req_external() function in drivers/mtd/nand/ecc-mxic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Resource management error

EUVDB-ID: #VU112834

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38279

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the backtrack_insn() and check_cond_jmp_op() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) Input validation error

EUVDB-ID: #VU112843

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38283

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the vf_qm_check_match(), vf_qm_load_data() and hisi_acc_vfio_pci_migrn_init_dev() functions in drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Out-of-bounds read

EUVDB-ID: #VU112757

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38286

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the at91_gpio_probe() function in drivers/pinctrl/pinctrl-at91.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Use-after-free

EUVDB-ID: #VU112747

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38289

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Improper locking

EUVDB-ID: #VU112795

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38290

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ath12k_rfkill_work() and ath12k_core_halt() functions in drivers/net/wireless/ath/ath12k/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) Use-after-free

EUVDB-ID: #VU112748

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38292

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath12k_dp_rx_msdu_coalesce() function in drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Improper locking

EUVDB-ID: #VU112793

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38293

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ath11k_core_halt() function in drivers/net/wireless/ath/ath11k/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Use-after-free

EUVDB-ID: #VU112749

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38300

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Input validation error

EUVDB-ID: #VU112809

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38303

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hci_set_ext_adv_data_sync() and hci_set_adv_data_sync() functions in net/bluetooth/hci_sync.c, and within the eir_create_per_adv_data() and eir_create_adv_data() functions in net/bluetooth/eir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) NULL pointer dereference

EUVDB-ID: #VU112768

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38304

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the eir_create_scan_rsp() function in net/bluetooth/eir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Improper locking

EUVDB-ID: #VU112792

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38305

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within drivers/ptp/ptp_private.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) NULL pointer dereference

EUVDB-ID: #VU112767

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38307

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the trace_control_write() function in sound/soc/intel/avs/debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Input validation error

EUVDB-ID: #VU112810

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38310

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sizeof() function in net/ipv6/seg6_local.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Input validation error

EUVDB-ID: #VU112811

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38312

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the fb_find_mode_cvt() function in drivers/video/fbdev/core/fbcvt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Double free

EUVDB-ID: #VU112815

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38313

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the fsl_mc_device_add() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) NULL pointer dereference

EUVDB-ID: #VU112764

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38319

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the atomctrl_initialize_mc_reg_table() and atomctrl_initialize_mc_reg_table_v2_2() functions in drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) Use-after-free

EUVDB-ID: #VU112743

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38323

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the DEFINE_MUTEX(), lec_vcc_attach(), lecd_attach() and lane_ioctl() functions in net/atm/lec.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel packages to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) Improper locking

EUVDB-ID: #VU112784

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38326

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the aoedev_downdev() function in drivers/block/aoe/aoedev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) NULL pointer dereference

EUVDB-ID: #VU112762

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38328

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the jffs2_scan_medium() function in fs/jffs2/scan.c and the jffs2_mark_erased_block() function in fs/jffs2/erase.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) Buffer overflow

EUVDB-ID: #VU112821

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38332

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the lpfc_sli4_get_ctl_attr() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) Use-after-free

EUVDB-ID: #VU112744

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38334

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the arch_memory_failure() function in arch/x86/kernel/cpu/sgx/main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) Improper locking

EUVDB-ID: #VU112782

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38335

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the gpio_keys_irq_isr() and gpio_keys_setup_key() functions in drivers/input/keyboard/gpio_keys.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) Resource management error

EUVDB-ID: #VU112831

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38336

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the via_mode_filter() function in drivers/ata/pata_via.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) NULL pointer dereference

EUVDB-ID: #VU112761

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38337

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the jbd2_journal_dirty_metadata() function in fs/jbd2/transaction.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Improper locking

EUVDB-ID: #VU112781

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38338

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nfs_return_empty_folio() function in fs/nfs/read.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Buffer overflow

EUVDB-ID: #VU112828

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38342

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the software_node_get_reference_args() function in drivers/base/swnode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Input validation error

EUVDB-ID: #VU113104

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38343

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mt7996_mac_fill_rx() function in drivers/net/wireless/mediatek/mt76/mt7996/mac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) Memory leak

EUVDB-ID: #VU112736

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38344

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

157) Memory leak

EUVDB-ID: #VU112737

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38345

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

158) Input validation error

EUVDB-ID: #VU112807

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38348

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the p54_rx_eeprom_readback() function in drivers/net/wireless/intersil/p54/txrx.c and within the p54_download_eeprom() function in drivers/net/wireless/intersil/p54/fwio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

159) Use-after-free

EUVDB-ID: #VU113102

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38349

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __ep_remove() and ep_clear_and_put() functions in fs/eventpoll.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

160) Use-after-free

EUVDB-ID: #VU113101

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38350

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qdisc_alloc_handle() and qdisc_tree_reduce_backlog() functions in net/sched/sch_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

161) Race condition

EUVDB-ID: #VU113313

Risk: High

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2025-38352

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the run_posix_cpu_timers() function in kernel/time/posix-cpu-timers.c. A local user can escalate privileges on the system.

Note: the vulnerability is being actively exploited in the wild against Android devices.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

162) Improper locking

EUVDB-ID: #VU113294

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38354

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the msm_devfreq_init() function in drivers/gpu/drm/msm/msm_gpu_devfreq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

163) NULL pointer dereference

EUVDB-ID: #VU113276

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38362

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mod_hdcp_hdcp1_enable_encryption() function in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

164) NULL pointer dereference

EUVDB-ID: #VU113275

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38363

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the tegra_crtc_reset() function in drivers/gpu/drm/tegra/dc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

165) NULL pointer dereference

EUVDB-ID: #VU113274

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38364

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mas_preallocate() function in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

166) Race condition

EUVDB-ID: #VU113312

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38365

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the btrfs_rename_exchange() and btrfs_rename() functions in fs/btrfs/inode.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

167) Resource management error

EUVDB-ID: #VU113316

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38369

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the idxd_cdev_evl_drain_pasid() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

168) NULL pointer dereference

EUVDB-ID: #VU113272

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38371

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the v3d_hub_irq(), v3d_irq_init() and v3d_irq_disable() functions in drivers/gpu/drm/v3d/v3d_irq.c, and within the v3d_reset() function in drivers/gpu/drm/v3d/v3d_gem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

169) Improper locking

EUVDB-ID: #VU113289

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38373

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5_ib_revoke_data_direct_mrs(), mlx5_revoke_mr() and __mlx5_ib_dereg_mr() functions in drivers/infiniband/hw/mlx5/mr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

170) Out-of-bounds read

EUVDB-ID: #VU113254

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38375

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mergeable_ctx_to_truesize(), virtnet_get_headroom(), xdp_linearize_page(), receive_small_xdp() and mergeable_xdp_get_buf() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

171) Resource management error

EUVDB-ID: #VU113326

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38376

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the udc_suspend() and udc_resume() functions in drivers/usb/chipidea/udc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

172) Use-after-free

EUVDB-ID: #VU113244

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38377

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rose_rt_device_down() function in net/rose/rose_route.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

173) Out-of-bounds read

EUVDB-ID: #VU113255

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38380

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the amd_i2c_dw_xfer_quirk() function in drivers/i2c/busses/i2c-designware-master.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

174) Infinite loop

EUVDB-ID: #VU113310

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38382

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

175) Memory leak

EUVDB-ID: #VU113237

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38384

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the spinand_cleanup() function in drivers/mtd/nand/spi/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

176) Improper locking

EUVDB-ID: #VU113282

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38385

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the lan78xx_disconnect() function in drivers/net/usb/lan78xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

177) Use-after-free

EUVDB-ID: #VU113246

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38386

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the acpi_ds_call_control_method() function in drivers/acpi/acpica/dsmethod.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

178) NULL pointer dereference

EUVDB-ID: #VU113270

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38387

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the subscribe_event_xa_alloc() function in drivers/infiniband/hw/mlx5/devx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

179) Resource management error

EUVDB-ID: #VU113327

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38389

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the ring_context_alloc() function in drivers/gpu/drm/i915/gt/intel_ring_submission.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

180) Out-of-bounds read

EUVDB-ID: #VU113256

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38391

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the pin_assignment_show() function in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

181) Use-after-free

EUVDB-ID: #VU113247

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38392

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the idpf_alloc_dma_mem() and idpf_free_dma_mem() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c, and within the idpf_ctlq_init_rxq_bufs(), idpf_ctlq_shutdown(), idpf_ctlq_add(), idpf_ctlq_send(), idpf_ctlq_clean_sq(), idpf_ctlq_post_rx_buffs(), wr32() and idpf_ctlq_recv() functions in drivers/net/ethernet/intel/idpf/idpf_controlq.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

182) Improper locking

EUVDB-ID: #VU113284

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38393

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nfs_layoutget_begin() function in fs/nfs/pnfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

183) Out-of-bounds read

EUVDB-ID: #VU113257

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38395

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the gpio_regulator_probe() function in drivers/regulator/gpio-regulator.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

184) Buffer overflow

EUVDB-ID: #VU113332

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38396

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the secretmem_file_create() function in mm/secretmem.c, and within the anon_inode_make_secure_inode() and __anon_inode_getfile() functions in fs/anon_inodes.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

185) NULL pointer dereference

EUVDB-ID: #VU113269

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38399

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the kmem_cache_free() function in drivers/target/target_core_pr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

186) Memory leak

EUVDB-ID: #VU113239

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38400

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the EXPORT_SYMBOL_GPL() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

187) Buffer overflow

EUVDB-ID: #VU113308

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38401

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the msdc_prepare_data() and msdc_ops_request() functions in drivers/mmc/host/mtk-sd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

188) Use of uninitialized resource

EUVDB-ID: #VU113303

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38403

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the vmci_transport_packet_init() function in net/vmw_vsock/vmci_transport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

189) Improper locking

EUVDB-ID: #VU113281

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38404

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dp_altmode_vdm() function in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

190) Input validation error

EUVDB-ID: #VU113341

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38406

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ath6kl_bmi_get_target_info() function in drivers/net/wireless/ath/ath6kl/bmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

191) Memory leak

EUVDB-ID: #VU113231

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38409

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the msm_ioctl_gem_submit() and mutex_unlock() functions in drivers/gpu/drm/msm/msm_gem_submit.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

192) Memory leak

EUVDB-ID: #VU113232

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38410

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the __msm_gem_submit_destroy() function in drivers/gpu/drm/msm/msm_gem_submit.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

193) Input validation error

EUVDB-ID: #VU113342

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38412

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the init_bios_attributes() function in drivers/platform/x86/dell/dell-wmi-sysman/sysman.c, within the current_value_show() function in drivers/platform/x86/dell/dell-wmi-sysman/string-attributes.c, within the is_enabled_show() function in drivers/platform/x86/dell/dell-wmi-sysman/passobj-attributes.c, within the current_value_show() function in drivers/platform/x86/dell/dell-wmi-sysman/int-attributes.c, within the current_value_show() function in drivers/platform/x86/dell/dell-wmi-sysman/enum-attributes.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

194) Input validation error

EUVDB-ID: #VU113333

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38414

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ath12k_pci_enable_ltssm() function in drivers/net/wireless/ath/ath12k/pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

195) Out-of-bounds read

EUVDB-ID: #VU113253

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38415

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the squashfs_fill_super() function in fs/squashfs/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

196) Input validation error

EUVDB-ID: #VU113343

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38416

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nci_uart_set_driver() function in net/nfc/nci/uart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

197) NULL pointer dereference

EUVDB-ID: #VU113267

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38420

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the carl9170_usb_rx_complete() function in drivers/net/wireless/ath/carl9170/usb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

198) Buffer overflow

EUVDB-ID: #VU113320

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38424

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the do_exit() function in kernel/exit.c and within the perf_sample_ustack_size() and perf_callchain() functions in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

199) Input validation error

EUVDB-ID: #VU113334

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38425

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the tegra_i2c_xfer() function in drivers/i2c/busses/i2c-tegra.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

200) Input validation error

EUVDB-ID: #VU113296

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38426

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the amdgpu_ras_eeprom_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ras_eeprom.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

201) Buffer overflow

EUVDB-ID: #VU113306

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38428

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the ims_pcu_flash_firmware() function in drivers/input/misc/ims-pcu.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

202) Use of uninitialized resource

EUVDB-ID: #VU113302

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38429

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the mhi_ep_ring_add_element() function in drivers/bus/mhi/ep/ring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

203) Input validation error

EUVDB-ID: #VU113335

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38430

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nfsd4_spo_must_allow() function in fs/nfsd/nfs4proc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

204) Input validation error

EUVDB-ID: #VU113340

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38436

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the drm_sched_entity_kill_jobs_work() function in drivers/gpu/drm/scheduler/sched_entity.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

205) Use-after-free

EUVDB-ID: #VU113241

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38443

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nbd_start_device() and set_bit() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

206) Improper locking

EUVDB-ID: #VU113280

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38448

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __acquires() and gs_start_io() functions in drivers/usb/gadget/function/u_serial.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

207) Improper locking

EUVDB-ID: #VU113279

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38449

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the drm_gem_fb_destroy() and drm_gem_fb_init_with_funcs() functions in drivers/gpu/drm/drm_gem_framebuffer_helper.c, within the drm_gem_private_object_fini(), drm_gem_object_exported_dma_buf_free(), drm_gem_object_handle_put_unlocked() and drm_gem_handle_create_tail() functions in drivers/gpu/drm/drm_gem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

208) Input validation error

EUVDB-ID: #VU113295

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38455

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sev_check_source_vcpus() function in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

209) Improper error handling

EUVDB-ID: #VU113300

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38457

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the qdisc_leaf(), tc_get_qdisc() and NL_SET_ERR_MSG() functions in net/sched/sch_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

210) NULL pointer dereference

EUVDB-ID: #VU113260

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38460

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the DEFINE_MUTEX(), to_atmarpd(), atmarpd_close() and atm_init_atmarp() functions in net/atm/clip.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

211) Improper locking

EUVDB-ID: #VU113277

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38461

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the EXPORT_SYMBOL_GPL() and vsock_assign_transport() functions in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

212) NULL pointer dereference

EUVDB-ID: #VU113259

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38462

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vsock_assign_transport() and vsock_dev_do_ioctl() functions in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

213) Buffer overflow

EUVDB-ID: #VU113305

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38463

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within net/ipv4/tcp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

214) Buffer overflow

EUVDB-ID: #VU113331

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38465

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the netlink_skb_set_owner_r(), netlink_alloc_large_skb(), netlink_unicast_kernel(), EXPORT_SYMBOL_GPL() and netlink_dump() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

215) NULL pointer dereference

EUVDB-ID: #VU113258

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38467

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the decon_irq_handler() function in drivers/gpu/drm/exynos/exynos7_drm_decon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

216) NULL pointer dereference

EUVDB-ID: #VU113389

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38468

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the htb_lookup_leaf() function in net/sched/sch_htb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

217) Memory leak

EUVDB-ID: #VU113369

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38470

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the __vlan_device_event() and vlan_device_event() functions in net/8021q/vlan.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

218) Use-after-free

EUVDB-ID: #VU113370

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38471

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tls_strp_read_sock() function in net/tls/tls_strp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

219) Use-after-free

EUVDB-ID: #VU113373

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38473

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_sock_resume_cb() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

220) Input validation error

EUVDB-ID: #VU113411

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38474

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sierra_net_bind() function in drivers/net/usb/sierra_net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

221) Use-after-free

EUVDB-ID: #VU113375

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38476

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rpl_do_srh_inline() function in net/ipv6/rpl_iptunnel.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

222) Use-after-free

EUVDB-ID: #VU113376

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38477

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qfq_change_class(), qfq_delete_class(), qfq_dump_class() and qfq_dump_class_stats() functions in net/sched/sch_qfq.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

223) Use of uninitialized resource

EUVDB-ID: #VU113402

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38478

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the do_insnlist_ioctl() and do_insn_ioctl() functions in drivers/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

224) Use of uninitialized resource

EUVDB-ID: #VU113403

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38480

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the insn_rw_emulate_bits() function in drivers/comedi/drivers.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

225) Resource management error

EUVDB-ID: #VU113406

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38481

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the check_insnlist_len(), comedi_unlocked_ioctl() and compat_insnlist() functions in drivers/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

226) Out-of-bounds read

EUVDB-ID: #VU113380

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38482

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the das6402_attach() function in drivers/comedi/drivers/das6402.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

227) Out-of-bounds read

EUVDB-ID: #VU113381

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38483

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the das16m1_attach() function in drivers/comedi/drivers/das16m1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

228) Use-after-free

EUVDB-ID: #VU113378

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38485

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fxls8962af_buffer_predisable() function in drivers/iio/accel/fxls8962af-core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

229) NULL pointer dereference

EUVDB-ID: #VU113393

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38487

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the aspeed_lpc_enable_snoop() and aspeed_lpc_disable_snoop() functions in drivers/soc/aspeed/aspeed-lpc-snoop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

230) NULL pointer dereference

EUVDB-ID: #VU113396

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38489

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the bpf_jit_plt() function in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

231) Buffer overflow

EUVDB-ID: #VU113407

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38494

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the __hid_request() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

232) Incorrect calculation

EUVDB-ID: #VU113410

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38495

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

233) Improper locking

EUVDB-ID: #VU113397

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38496

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __evict_many() function in drivers/md/dm-bufio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

234) Out-of-bounds read

EUVDB-ID: #VU113387

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38497

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the webusb_landingPage_store() and os_desc_qw_sign_store() functions in drivers/usb/gadget/configfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

235) Improper privilege management

EUVDB-ID: #VU113806

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38498

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the do_change_type() function in fs/namespace.c. A local user can read and manipulate data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Real Time Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-livepatch-6_4_0-150600_10_49-rt: before 1-150600.1.5.1

kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource: before 1-150600.1.5.1

kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo: before 1-150600.1.5.1

kernel-rt_debug: before 6.4.0-150600.10.49.1

kernel-rt: before 6.4.0-150600.10.49.1

kernel-devel-rt: before 6.4.0-150600.10.49.1

kernel-source-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-debuginfo: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt: before 6.4.0-150600.10.49.1

dlm-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-devel: before 6.4.0-150600.10.49.1

kernel-rt-extra: before 6.4.0-150600.10.49.1

cluster-md-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-extra-debuginfo: before 6.4.0-150600.10.49.1

kselftests-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-devel: before 6.4.0-150600.10.49.1

kernel-rt-debuginfo: before 6.4.0-150600.10.49.1

ocfs2-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt_debug-vdso: before 6.4.0-150600.10.49.1

kernel-rt-devel-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt_debug-debugsource: before 6.4.0-150600.10.49.1

kernel-rt-livepatch-devel: before 6.4.0-150600.10.49.1

kernel-rt-vdso-debuginfo: before 6.4.0-150600.10.49.1

gfs2-kmp-rt: before 6.4.0-150600.10.49.1

gfs2-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-rt-debugsource: before 6.4.0-150600.10.49.1

dlm-kmp-rt: before 6.4.0-150600.10.49.1

kernel-rt-optional: before 6.4.0-150600.10.49.1

reiserfs-kmp-rt-debuginfo: before 6.4.0-150600.10.49.1

kernel-syms-rt: before 6.4.0-150600.10.49.1

kernel-rt-vdso: before 6.4.0-150600.10.49.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-202503023-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


