SB20251022159 - SUSE update for the Linux Kernel (Live Patch 41 for SLE 15 SP4)

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Incorrect calculation (CVE-ID: CVE-2025-21971)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the tc_ctl_tclass() function in net/sched/sch_api.c. A local user can perform a denial of service (DoS) attack.

2) Double free (CVE-ID: CVE-2025-38206)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the exfat_free_upcase_table() function in fs/exfat/nls.c. A local user can perform a denial of service (DoS) attack.

3) Input validation error (CVE-ID: CVE-2025-38499)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the clone_private_mount() function in fs/namespace.c. A local user can perform a denial of service (DoS) attack.

4) Use of uninitialized resource (CVE-ID: CVE-2025-38644)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ieee80211_tdls_oper() function in net/mac80211/tdls.c. A local user can perform a denial of service (DoS) attack.

5) Resource management error (CVE-ID: CVE-2025-38678)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the nf_tables_updchain() and nft_flowtable_update() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://www.suse.com/support/update/announcement/2025/suse-su-20253717-1/